This is a critical leadership role responsible for driving governance and compliance within the Digital Information Technology Department. This position involves establishing and maintaining effective information technology and information security policy frameworks that meet regulatory requirements and industry best practices.

The incumbent will lead efforts to ensure that compliance standards are upheld across the organization, fostering a culture of accountability and excellence within the Digital IT Department.

In addition to governance responsibilities, the Senior Manager will play a vital role in risk management, ensuring that potential risks are proactively identified and mitigated. This includes integrating risk management processes into all aspects of IT operations and decision-making. The role will also involve collaborating with various stakeholders across the Bank to promote awareness and understanding of governance and compliance protocols.

Additionally, the role will oversee the Business Continuity program for Information Technology, ensuring that IT services remain available to business operations and customers in the event of unforeseen disruptions. This includes developing, implementing, and testing business continuity plans to meet agreed-upon service levels, particularly regarding Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO). By effectively managing these responsibilities, the Senior Manager will contribute to the Bank’s overall resilience and capacity to maintain operational continuity.

Through strategic leadership, stakeholder engagement, and a commitment to excellence, the Senior Manager of IT Governance will play a pivotal role in aligning the IT Department’s objectives with the broader goals of the organization, ensuring long-term stability and success.

Key Responsibilities:

• Serve as the custodian of Information Technology (IT) and Information Security (IS) policy and governance frameworks across the Group, ensuring that these frameworks are effectively implemented and integrated into the organization’s operations.
• Manage the IT and IS policy framework, which includes the creation, regular review, updating, dissemination, and monitoring of policies to ensure clarity and compliance throughout the organization.
• Stay informed on evolving regulations and prudential guidelines impacting information technology and information security, consistently updating the Bank’s policies, standards, and procedures to align with industry best practices and compliance requirements.
• Oversee the administration and management of Information Technology and Information Security processes, ensuring that these processes are efficient, secure, and conducive to achieving organizational objectives.
• Provide strategic guidance to IT teams, driving the adoption of technology best practices such as COBIT, ISO 20000, ISO 27001, and PCI DSS. Ensure these best practices are thoroughly enshrined within IT policies and practices.
• Oversee and manage risk management tools and practices within the IT Department, including the implementation and maintenance of Risk Control Self-Assessments (RCSA) and IT risk registers across the Group.
• Serve as the key liaison for all internal and external IT and Information Security (IS) audit and risk assessment engagements across the Group. Coordinate with auditors and stakeholders to facilitate comprehensive assessments and ensure timely resolution of any identified issues.
• Track and report on IT audit and risk findings, including the management of forums for IT leadership to discuss and address these findings.
• Lead the Information Security Awareness program across the Group and with external stakeholders, developing and implementing awareness training sessions, tools, and reporting mechanisms to foster a strong security culture.
• Oversee and manage the Business Continuity Program within the IT Department, including conducting IT Business Impact Analyses to assess and prioritize critical IT functions across the Group.
• Collaborate with key IT stakeholders to maintain up-to-date disaster recovery plans, ensuring that recovery procedures are effective and align with the organization’s needs.
• Manage disaster recovery and backup testing schedules, ensuring that tests are conducted regularly. Prepare comprehensive reports on test results and implement necessary remedial actions to address any identified deficiencies.
• Provide strong leadership and performance management for direct reports, fostering a culture of continuous improvement through regular feedback and objective evaluations at the end of the year.
• Coordinate and manage a team of resources and consultants to fulfill the governance and compliance function effectively

Skills & Qualifications:

• Bachelor’s degree in business, computer science, computer engineering, electrical engineering, system analysis, or a related field. A Master’s degree will be an added advantage.
• Minimum of 6 years of experience in IT, Information Security, IT Audit, or IT Governance, including at least 2 years in a managerial role within a highly digitized organization.
• At least 3 years of experience conducting IT compliance assessments or IT governance and assurance/compliance assessments.
• Relevant certifications in Information Security, such as Information Systems Auditing, Information Security Management, or Business Continuity/Disaster Recovery, will be an added advantage.
• Strong knowledge of information security best practices and compliance standards.
• Proficient in audit management and reporting, with demonstrated experience in managing audits effectively.
• Prior experience in a Financial services organization is a significant advantage.