Manager InfoSec & Controls Assurance Job at Exim Bank Tanzania

Job Title: Manager – InfoSec & Controls Assurance

Dar es Salaam
Exim Bank Tanzania
Exim Bank (Tanzania), is a commercial bank in Tanzania.

Department: Information Technology
Reporting to: Senior Manager Technology
Hours of Work: 8 am – 5 pm Monday to Friday.
Additional hours as required by workload
Responsible for: InfoSec and Controls Assurance Team
Region: Dar es Salaam

PURPOSE OF JOB
To plan, organize and effectively lead lnfoSec and Controls Assurance team to detect and defend systems and information assets (business and customer data) against any internal and external threats.

Manager InfoSec & Controls Assurance Job at Exim Bank Tanzania

PRINCIPAL RESPONSIBILITIES:

Review and implement security monitoring and incidents response strategy and roadmap for the bank.
Drive cybersecurity monitoring and incident response initiatives within the bank to improve security monitoring capabilities.
Establish real-time proactive monitoring and detection of security incidents and provide relevant notifications.
Implement automated responses to cybersecurity incidents by integrating and building various security tools.
Overseeing the investigation of reported security breaches including fraud cases in collaboration with the bank’s fraud management unit.
Develop and provide actionable dashboards that show clear visibility of security attacks to the bank.
Provide “ownership” of security” Middleware, and Applications
Implement security governance by defining, developing, implementing, and maintaining required security policies, procedures, standards, and guidelines.
Conduct research, evaluate, and make recommendations on security monitoring and incident response tools, services, protocols, standards, and
associated best practices.
Prepare and maintain security monitoring documentation including architectures, designs, and governance documents.
Communicate critical cybersecurity incidents to technology and business leaders
Oversee internal and external security assessment activities including vulnerability assessments and penetration tests,
Support Exim Subsidiaries (Exim Djibouti, Comoros, and Uganda) on technology standards compliance and aligning with group standards and best practices while considering local regulatory directives.
Vulnerability management across the Exim group (coordination of VAPT and continuous identification of
vulnerabilities towards closure)

QUALIFICATION AND EXPERIENCE

At least a bachelor’s degree in Computer Science, Engineering, or related academic field.
Preferred professional certifications such as CEH, CSM, (ISA, (SSP, or any other relevant security certifications.
At least 5 years of relevant work experience in Cybersecurity.
Solid hands-on experience in enterprise security tools including security monitoring technologies such as SIEM and SOAR tools.

COMPETENCIES, KNOWLEDGE, AND SKILLS

Knowledge of common information Security Management Frameworks/Standards such as ISO/IEC 27001, NIST CSF, and PCI.
Solid hands-on experience in enterprise security tools including security monitoring technologies such as SIEM and SOAR tools.