• Review of the Bank’s critical systems, recommendation, and implementation of appropriate and adequate IT security controls to mitigate and minimize information security risks. 
  • Continuous review of controls in place to identify and close gaps and provide continuous assurance on the security of the bank’s information systems 
  • Provide IT security support to IT Security Services and Internal Audit. 
  • Implement an effective information security awareness program in the Bank.
  • Continuous review of systems at all levels i.e. servers, applications, database, network devices, etc., identify risks and make recommendations on the closure of the risks. 
  • Be involved in providing forensic data to all reviewers i.e. investigators, analysts, etc.
  • Be involved and provide security guidance during technology projects, systems deployment, upgrades, and changes.
  • Review all issues logged by users and analyze trends as relates to systems security management.
  • Ensure all sensitive and confidential bank information is protected in conformity with the Bank’s privacy policies.
  • Manage all external parties’ access to bank infrastructure and systems and have detective measures for intrusion.
  • Provide and analyze departmental self-assessment reports on all systems controls to assist in focused controls.
  • Provide information security training and awareness to various groups of Bank staff & stakeholders.

Required skills for the role:

  • Adequacy of personal competence to effectively maintain quality assurance for the bank’s information systems security in a manner that consistently meets established standards or benchmarks.
  • Good understanding of Information Security and control objectives
  • Interpersonal and advocacy skills
  • Appreciation of Audit methodologies
  • Fair understanding of Information Systems architecture and operational practices
  • Presentation skills
  • Report writing


  • University degree in Computer Science or Information Technology(M)
  • Minimum 3 years working experience, with 2 years’ experience in Information Security or Information Risk.
  • Certification in a system audit or security related area, such as CISA, CISM or CISSP or CRISC
  • Experience of working in the IT function within a banking environment will be an added advantage. 
  • Working technical knowledge of ATMs will be an advantage.
  • Experience in audit of systems will be an advantage
  • Experience in performing analytical roles in complex business environments
  • Proven experience in implementing cyber security governance.