Tanzania Commercial Bank is a Bank that provides competitive financial services to our customers and creates value for our stakeholders through innovative products.

Tanzania Commercial Bank is a Bank, whose vision is “to be the leading bank in Tanzania in the provision of affordable, accessible and convenient financial services”. As part of effective organizational development and management of its human capital in an effective way, Tanzania Commercial Bank commits itself towards attaining, retaining and developing the highly capable and qualified workforce for Tanzania Commercial Bank betterment and the Nation at large.

Principal information Communication And Technology

Officer I

(1 Position)

Tanzania Commercial Bank seeks to appoint dedicated, self-motivated and highly organized Principal ICT Officer I to join the Directorate of Information and Communication Technology.

DIRECT REPORTING LINE Director of Information and Communication Technology
LOCATION Head Office
WORK SCHEDULE As per Tanzania Commercial Bank Staff regulations
DIVISION ICT Security
SALARY Commensurate to the Job Advertised

Position Objective
Principal ICT officer I – ICT Security and BCM ensure information security Management system and Cyber security framework are in place to guarantee the confidentiality, integrity and availability of all information systems deployed in the bank for the provision of services to our customers.

Responsibilities

Creating and managing a comprehensive information security programs and strategies in line with business strategies.

Develops and maintains a document framework of continuously up-to-date information security policies, standards and guidelines.

Ensure the protection of all information assets owned or controlled by the bank to safeguard confidentiality, integrity and availability.

Communicate information security policies and awareness programs effectively with other department managers and the entire staff within the organization.

Develop and maintain an information security budget function and monitor the spending within the financial year.

Research emerging security threats and vulnerabilities and advise management on appropriate countermeasures.

Facilitates a metrics and reporting framework to measure and efficiency and effectiveness of the information security management program, increases the maturity of the information security and reviews it with stakeholders.

Creates a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection of information assets.

Ensure the compliance of all ICT sections towards effective implementation of security controls, cyber resilience, and disaster recovery capabilities.

Report on the performance of Information Security Management System (ISMS), non-conformities and improvement activities.

Oversee that Information Security Risk assessment and Risk Treatment Plan is conducted and updates as per the agreed frequency.

Coordinates all the ICT internal and external audit engagements, making follow-ups on the audit findings with all stakeholders.

Advise the Senior Management in all Cyber and Information Security Management issues.

Ensure the Information Security Management System conforms to the requirements of the ISO 27001 Standard and also adopt best practice in other standards such as ITIL, COBIT, CIS, NIST Cybersecurity Framework and PCI-DSS.
Determines the information security approach and operating model in consultation with stakeholders and aligned with the risk management approach and compliance monitoring of non-digital risk areas.

Lead the information security team and champions on achieving the information security objectives and targets.

Coordinate and manage Business Continuity Plans bank-wide including Business Impact Analysis and Risk Assessments.

Establish and maintain Business Continuity Management Program.

EXPERIENCE AND KNOWLEDGE REQUIRED:

Education: Holder of Master’s Degree in one of the following fields; Computer Science, Information Technology, Computer Engineering, Cybersecurity, Information Security, Artificial Intelligence, Data Science, Electronics Engineering, Telecommunication Engineering, Digital Forensic from any recognized institution with 10 years’ experience in the relevant field. Possession of ICT related professional certification will be an added advantage.