Summary
Date Posted: Wednesday, December 13 2023, Base Salary: Not Disclosed

JOB DETAILS:
We are hiring!
Our client in Lusaka, Zambia is looking for an IT Risk Analyst to join their team for a job vacancy
within the Banking industry.
Main Responsibilities:

IT Risk Register:
• Coordinate IT Risk Control Self Assessments (RCSAs)
• Collect and review completed RCSAs on a quarterly basis.
• Consolidate the results of RCSAs for aggregation and assessment of IT risk within the bank.
• Collate and update the bank’s IT risk register on a quarterly basis.
• Review IT risk assessment on quarterly basis and feed in the EWRM dashboard6
IT Audit issues tracking (External and Internal):
• Review all internal Audit issues and identify corrective actions and timelines.
• Follow up with IT on expedient closure of IT audit issues on a timely basis.
• Coordinate with Internal Audit on assurance reviews on all closed IT issues

IT Risk Reviews:
• Conduct end to end process review of sampled business units on an on-going basis with a
focus on enhancing IT related controls.
• Engage with business unit heads on process enhancements.
• Propose IT related enhancements and efficiencies.
• Conduct IT security risk reviews
Business Continuity Program (BCP)/Disaster Recovery Planning (DRP):
• Coordinate with operations in preparing the BCP/DRP
• Conducting annual reviews for the BCP/DRP to ensure relevance and applicability.
• Jointly conduct BCP/DRP tests with operations
• Prepare reports on all BCP/DRP tests with recommendations on improvements or
enhancements.

IT/Cyber security Risk:
• Corroborate with IT in the implementation of the Cyber Security Risk Management
Framework and associated policies.
• ensure compliance with existing national ICT-related legislation, policies, and regulations.
• Formulate procedures and processes for measuring and monitoring information and cyber
security risks and implementing mitigation measures and controls.
• Ensure deployment of strong authentication measure to protect customer data, transactions,
and critical systems.
• Coordinate information and cyber security risk awareness and provide training on mitigating
measures across the bank.
• Review the cyber-security incident response program to ensure that there are clearly defined and documented roles and responsibilities of managing cyber-attacks and communication channels amongst relevant stakeholders.
• Coordinate regular and comprehensive information and cyber security risk assessments are conducted and adequate processes are in place for monitoring IT systems to detect cyber security events and incidents in a timely manner;
• Coordinate with IT and operations on periodic tests for the disaster recovery and business continuity plans to ensure that the bank can continue to function and meet its regulatory obligations in the event of a cyber-attack or incident.
• Prepare and provide reports to the senior management on the overall status of the information cyber security programme.

Product Risk:
• Conduct product risk assessments for all new products before launch, with a focus on systems.
• Conduct periodic product risk assessment for all existing products, with a focus on systems.
• Review and recommend product controls to ensure effectiveness of the controls, with a focus on system.

IT Risk Awareness:
• Oversee the orienting and training to ensure awareness of IT and Cybersecurity Risks.
• Maintaining up-to-date knowledge of trends in IT Risk and Cybersecurity breaches particularly in financial industries.
• Collaborating with IT experts and other stakeholders to develop strategies useful in managing IT and Cybersecurity risks.

Other:
• Any other relevant duties as requested by the Line Manager.
Technical skills / Competency Requirements
• Good analytical, review, and reporting skills
• Attention to detail and problem-solving skills.
• In-depth Computer skills
• Data analysis techniques
• Good Microsoft packages capabilities.

Knowledge, Expertise and Experience
• A Bachelor’s degree in Computer Science, Information Technology or in a related field.
• Knowledge in Information technology, IT Risk and Business Continuity Management
• Certification in IT Risk Management
• At least 2 years experience working in a similar or related field.
• Good understanding of relevant laws, regulations, and industry best practices.
• Solid proficiency and understanding of analytics and proficiency in report writing.

Work Hours: 8

Experience in Months: 24

Level of Education: Bachelor Degree

Job application procedure
• Interested and qualified? Click here to apply

All Jobs

QUICK ALERT SUBSCRIPTION