Check your search results here

Banking Jobs in Nairobi, Kenya - Standard Bank

Manager, Operational Risk


Standard Bank is not an abstract legal entity. We are our people. And our people have a distinct culture – a way of thinking and behaving.
To help us embody this culture in everything we do, we’ve come up with six attributes: expertise, opportunity, integrity, collaboration, performance and growth. These attributes explain what we believe in collectively. They also guide our behaviour and give us a shared frame of reference for what matters most to us. Ultimately, these are qualities we want our business to stand for.
Manager, Operational Risk – Information Risk, Technology and Cyber risks and Business Resilience
·         Job Type: Full Time
·         Qualification: BA/BSc/HND
·         Experience: 1 – 5 years
·         Location: Nairobi
·         Job Field: ICT / Computer
Job Details
Risk Management: understanding all risks – from the economic to the political – that could affect our global business, and offering guidance
to all parts of the bank
Job Purpose
To support the Head of Integrated Operational Risk in the effective and proactive management of Information Risk, Technology and Cyber risks and Business Resilience within the Bank aligned to the business strategy, operating model and Group Risk management policies.
This includes partnership with Business functions, Information Technology, Corporate Functions and Risk stakeholders to ensure that the processes for identifying, measuring, controlling and reporting of Information risk, Technology and cyber risks and Business Resilience is aligned to the Group risk framework.
The provision, management and implementation of Information Risk, Technology and Cyber risks and Business Resilience management requirements across the Bank.
Acting as a trusted business partner who equips the business with the mechanisms to identify, mitigate and treat information, technology, cyber and business continuity risks.
Responsibilities
Key Information Risk, Technology and Cyber risks management Responsibilities
·         To pro-actively manage information risks/threats to the business in line with the requirements of the Information Security Standard – ISO 27002, Central Bank Prudential requirements and Standard Bank Group information risk objectives.
·         Provide information and cyber risk subject matter expertise on the features and capabilities of the bank’s technology platforms and explore creative ways to address these risks based on new needs
·         Delivers information risk assessments and guide on the appropriate risk control strategies, whilst aligning information risk strategies with business objectives.
·         Manage the development, provisioning and successful execution of a proportionate information risk treatment program (e.g. mitigate, accept, transfer and avoid), as the
·         Bank transforms to digital platforms
·         Develop and maintain strong business and centre of excellence relationships, becoming a trusted partner, as well as building relationships with corporate functions such as
·         Internal Audit, Compliance, Information Security, Information Technology, Corporate and Investment Banking, Wealth and Personal and Business Banking.
·         Coordinate information and cyber risk self-assessment, risk assessment analysis, rating and provides control recommendations using the established Information Risk Management framework.
·         Manage the engagement process of information risk assessments and acts as a liaison with centres of excellence to deliver value to the business
·         Advices business personnel regarding the value and methods of safeguarding information.
·         Provide a holistic view of the risks through comprehensive reporting to the bank’s information assets introduced by personnel, processes, technology and external events.
·         Supports the ongoing knowledge management and formalization of the risks and threats the bank faces and how we choose to manage them through risk management reporting guidance.
·         Manages risks to banks information assets and assists businesses by specifying adequacy of control(s) required and validating the effectiveness of controls implemented in conjunction with business risk appetite.
·         Manage and track information risk control efforts and escalation to Head, Operational Risk where inadequate mitigation is evident.
·         Creates risk metrics and reports for tabling at risk governance committees at required frequencies including but not limited to Risk Management Committee and Board Risk Committee, the right management structures and drive remediation of said risks.
·         Effectively communicates with stakeholders to ensure support and commitment for the information risk and cyber security risk management program and to prioritize control initiatives and spending based on appropriate risk management.
·         Coordinate incident response planning and investigation of information risk, cyber security and technology related breaches, and where necessary support disciplinary and legal processes arising from such breaches
·         Initiate, facilitate and promote activities to create information risk awareness within the organization, including awareness of information risk related regulatory issues that have a potential impact to the environment in alignment with group wide awareness activities.
·         Coordinate and serve as a facilitator and liaison between the Head, Integrated Operational Risk, Business lines, Embedded Information Risk and Information Risk Office for the successful remediation of information, technology and cyber risks.
·         Establish cooperative dialogue between Business, Embedded Information Risk, Group Financial Crime Control, Information Risk Office and IT Security by visible and consistent action in monthly meetings.
·         Promote a fit for purpose approach to adopting information risk best practices within business units.
·         Promote compliance to information risk governance standards and policies.
·         Manage, and develop business personnel knowledge to ensure better information protection and management across with the assistance of information risk practitioners through awareness, training and workshops.
·         Acts as liaison between Business and various Governance, Control & Risk offices within the bank to create and maintain reporting, problem resolution, and other tasks necessary to continuous improvement and evolution of services.
·         Provide assurance on the management of relationship with vendors and suppliers to ensure full information risk value of the contracts entered is realised to the Bank.
·         Review and provide advice on existing innovation related standards, digital products and rollout of the same as relates to the information risk and technology risk associated with these activities.
·         Participate in industry education and networking events, maintain relationships with external community and encourages continuous benchmarking of the Bank information risk, technology risk and cyber risk management against good practices and industry practice
·         Proactive identification of key themes / initiatives / products and their potential risks across business unit and advising on improved management and mitigation of risks.
·         BCM Capability lifecycle management that includes:
·         BCM Governance – Policy Enforcement and Programme Administration
·         Business Impact Assessment & Risk Assessment – Analysis
·         Business Continuity Strategy – Design
·         Business Continuity Planning – Implementation
·         Pro-actively manage business continuity risks/threats to the business in line with Central Bank of Kenya Prudential guidelines, Standard Bank Group requirements and requirements of the Business Continuity Standard – ISO 22301.
·         Support and assist business entities in defining suitable and cost-effective recovery strategies/plans in accordance with policies, standards and framework best suited to their environment and aligned to the culture, complexity and risk appetite.
·         Works with Business Continuity stakeholders/ representatives in business to conduct, document and sign off Business Impact Analysis in-line with business resilience standards.
·         Assist the business with Business Continuity readiness by conducting Desktop Work- through Exercises with them.
·         Create staff education and awareness training to promote BCM awareness and culture using mechanism such as intranet, E-Learning, Emails, Presentations, periodic workshops and Email communications.
·         Coordinate the establishment and implementation of work area recovery site plan, document, maintain, rehearse and conduct recovery strategies exercises at WAR sites.
·         Ensure third party recovery plans are validated in accordance to our recovery priority agreement.
·         Manage and conduct business resilience exercises designed to ensure that all business functions and crisis teams are regularly tested in accordance to their criticality, capabilities and risk profile.
·         Ensure BCM and IT DR are aligned with business risk appetite and recovery priorities, documented, tested and reported to create business awareness.
·         Manage, train and administers the appropriate BCM tools ensuring they are up to date, functional and fit for purpose
·         Promote, manage and implement business continuity program of work ensuring compliance with regulatory requirements.
·         Provide monthly dashboard and Program of Work update report.
·         Ensuring that the following business documents are up to date and ready for execution to recover their, people, business process, technology and facilities in the event of an emergency, crisis or disaster:
·         Epidemic and Pandemic plan
·         Emergency Management/Site Plan
·         Crisis Management Plan (Including One-Pager)
·         Business Recovery Plan (including a recovery priority list for both business and IT)
·         Elections Readiness Plan
·         Working with the Bank’s physical security office, keep abreast with developments worldwide that may impact business, by reading newspapers, internet news sites, TV, radio etc. Action should be taken to report/communicate to staff, on strikes, threats and possible disruption to the business via email, BulkSMS etc. (communication must be signed off by relevant authority).

·         Ensure wardens and first aider training is conducted for assigned staff.
·         Schedule and conduct call tree exercise in accordance with BCM standards and regulatory requirements.
·         Attend BCM related training workshops and provide thought manager-ship on BCM related matters.
·         Monitor, promote and maintain an understanding of current/future business continuity trends and threats.
·         Coordinate Evacuation Exercise in accordance to BCM standards:
·         Coordinate in-line with evacuation checklist (pre, during and post evacuation)
·         Coordinate with premises, physical security and OHS teams:
·         Briefing and de-briefing sessions
·         Compile and distribute internal communications
·         Facilitate exemptions process
·         Publishing of final report and distribution to all stakeholders
Qualifications
·         Undergraduate degree in Information Technology, Computer Science/Engineering
·         At least one professional information security qualification: CRISC, CISM, CISA, CISSP or any other technology risk/security
related certifications
·         Proven experienced with ISMS and similar related standards as well as cyber security technologies
Good report writing, presentation and communication skills.
·         5 years work experience
Knowledge/Technical Skills/Expertise
Skills and knowledge
·         A relevant tertiary qualification (an operational risk management qualification would be an advantage);
·         Working knowledge of transaction processes relevant to products and services offered to customers e.g. within the corporate and investment banking and /or retail banking space;
·         Practical knowledge of how to input, access and utilise information from the network/systems to analyse and forecast trends;
·         A working knowledge of the banking operating systems and controls.
·         Problem solving
o    The ability to identify and understand the business needs and strategies and then to interpret and convert these into Information risk and business resilience strategies;
o    The need to identify the long term operational needs to support the business effort;
o    The job requires the incumbent to be able to handle authority expediently, be orientated towards immediate accomplishments and to be a firm decision-maker;
o    Has a practical comprehension of the impact of the service provided and relationship to staff and customer;
o    Has a sound recall of processes and previous experience in order to assist with problems raised.
·         Planning
o    The ability to meet tight deadlines;
o    Required to interpret, analyse, evaluate and formulate plans based on information from a number of sources including Information Risk and Business Resilience standards
o    Take a short to medium term perspective with regard to business planning;
o    Build in the provision for adjustment in planning and ensures plans are practical and in line with business objectives.
·         Decision making
o    The job requires the incumbent to be able to handle authority expediently, be orientated towards immediate accomplishments and to be a firm decision-maker;
o    Consider all the facts, options and possible outcomes prior to making decisions;
o    Quick to act upon potential opportunities and take the initiative within limits of authority.
Key Performance Measures
·         Embedding of Information Risk, Technology and Cyber risks Framework within Integrated Operational Risk.
·         Leadership over Information Risk, Technology and Cyber risks Risk & Control Self Assessments (RCSAs), and follow up of closure of control gaps identified;
·         Appropriate Key Risk Indicators documented, tracked and monitored;
·         Information Risk and Business Resilience Program of Work undertaken within set timelines, and achieving desired objectives
·         Business Continuity Management (BCM) updated and tested and fully compliant to Bank and regulatory requirements as contained in the Central bank Prudential guidelines;
·         Satisfactory Information Risk, Technology and Cyber risks and Business Resilience audit reports.
·         Satisfied customers as measured by internal feedback surveys.
How to Apply

Database Administrator

Standard Bank is not an abstract legal entity. We are our people. And our people have a distinct culture – a way of thinking and behaving.
To help us embody this culture in everything we do, we’ve come up with six attributes: expertise, opportunity, integrity, collaboration, performance and growth. These attributes explain what we believe in collectively. They also guide our behaviour and give us a shared frame of reference for what matters most to us. Ultimately, these are qualities we want our business to stand for.
Database Administrator
·         Job Type: Full Time
·         Qualification: BA/BSc/HND
·         Experience: 5 years
·         Location: Nairobi
·         Job Field: ICT / Computer
Job Details
Group Information Technology: Systems development, business analysis, architecture, project management, data warehousing, infrastructure, maintenance and production.
Job Purpose
To ensure effective and efficient management and support of Oracle Databases and other Oracle related applications. This also entails analyzing, documenting and proposing solutions for bank wide business areas and preparation of both functional and technical database system specifications (FSS & TSS) documents. Focus on database system optimization through analysis and development with respect to the database systems in order to ensure that desired functionality and performance is achieved as required by business. This role is also charged with designing and development of appropriate solutions as required by business to advance tactical and strategic initiatives.
Responsibilities
·         Proficiency in Oracle versions 10g, 11g and 12c, Oracle Cloud Control and Oracle ASM.
·         Strong understanding of Oracle relational databases, data structures, and SQL.
·         Responsible for ensuring availability and performance of the production and test databases that support the core banking application.
·         Work with the team to ensure that the associated hardware resources allocated to the databases and to ensure high availability and optimum performance.
·         To proactively monitor the database systems to ensure secure services with minimum downtime.
·         Responsible for providing trend analysis to the service management team to enable them to make informed decisions regarding resource management.
·         Responsible for all Oracle developments that are aimed at ensuring efficient management and use of the databases and ultimately aid all the application initiatives.
·         Responsible for problem escalation to third parties as appropriate.
·         Responsible for improvement and maintenance of the databases to include rollout and upgrades.
·         Responsible for testing of all Oracle database changes including fixes, patches and upgrades in line with the laid down change control policies. Responsible for implementation and release of database changes after thorough and comprehensive tests with sufficient engagement with all stakeholders e.g. application and infrastructure teams.
·         Responsible for the management and support of Oracle Data guard solution with a view of ensuring a consistently efficient backup process which ultimately aids IT efforts of meeting the established Service Level Agreement (SLA) with business.
Qualifications
·         Bachelor’s degree in Computer Science or a related discipline.
·         Work experience required, 5 years of experience in design and administration of logical and relational databases or systems analysis required.
·         Experience in the financial services industry is a plus.
·         Oracle Certified Professional
·         Business Continuity certification and ITIL will be an advantage
How to Apply

DO NOT MISS to Subscribe below for the latest jobs to your EMAIL for FREE

Enter your email address:

Delivered by FeedBurner

Want to know the latest news, read great articles, features, jobs and careers? Then click here