Manager IAM at CRDB Bank Plc, Dar es Salaam January 2026

Website CRDB Bank Plc

CRDB Bank Plc

JOB VACANCY

MANAGER: IDENTITY AND ACCESS MANAGEMENT (IAM)

Reporting Line: Head of Cybersecurity
Location: Tanzania Head Office
Department: Cybersecurity Unit
Number of Openings: 1
Employment Terms: Permanent
Deadline: 12th February 2026

JOB PURPOSE

The Manager: Identity and Access Management (IAM) will lead the development, implementation, and continuous improvement of enterprise identity and access controls. This role is responsible for ensuring secure, compliant, and seamless access to the bank’s systems and digital services by driving the design, governance, and operation of IAM capabilities.

The position oversees Access Management, Privileged Access Management (PAM), and User Access Management (UAM) functions, ensuring consistent enforcement of identity policies, automation of access processes, and reduction of access-related risks. The role will provide subject matter expertise in identity security, guide the implementation of modern IAM technologies, and ensure that identity controls are fully integrated into business processes, system onboarding, and cybersecurity initiatives.

PRINCIPLE RESPONSIBILITIES

IAM Strategy & Governance

  • Define and own the IAM strategy and roadmap, aligning capabilities (Access Management, UAM, PAM) with cybersecurity priorities, business objectives, and regulatory obligations
  • Establish and enforce IAM policies and standards, ensuring alignment with internal bank policies, regulatory requirements, and industry best practices (e.g., least privilege, just-in-time access, credential rotation, separation of duties, zero trust)
  • Govern the enterprise RBAC model: oversee design, approval, maintenance, role engineering, and comprehensive documentation
  • Set IAM performance metrics and SLAs (e.g., JML timeliness, access request turnaround, access review completion, PAM coverage) and report on them to senior cybersecurity leadership

User Access Management (UAM)

  • Own end-to-end Joiner–Mover–Leaver (JML) execution across all in-scope applications, platforms, and directories—ensuring timely, accurate provisioning, changes, and de-provisioning with strong automation
  • Support automation of access processes (provisioning, de-provisioning, approvals, re-certifications) to reduce manual touchpoints, errors, and cycle time
  • Lead periodic user access reviews/attestations with business owners, ensure Segregation of Duties control enforcement, track remediation, and maintain audit-ready evidence
  • Maintain comprehensive IAM/UAM documentation—procedures, playbooks, runbooks, and user guides—and ensure they are current and version-controlled

Privileged Access Management (PAM)

  • Own and administer the enterprise PAM platform, including vaulting strategy, policy configuration, integrations, and platform health/availability
  • Ensure complete and continuous onboarding of privileged accounts (human and non-human) into PAM with appropriate classifications and controls
  • Enforce privileged access controls, including session recording, just-in-time (JIT) access, credential rotation, and break-glass procedures; support continuously monitoring and auditing privileged sessions for violations and misconfigurations
  • Enable and upskill administrators and operators on secure privileged access usage via PAM, including approved workflows, session launchers, and integrations

Risk, Incident, and Compliance

  • Lead incident management for access-related events, including violations, misconfigurations, and unauthorized access; drive root-cause analysis, corrective actions, and preventive controls
  • Continuously assess access risks across systems and drive risk reduction initiatives coverage expansion, control hardening, and exception management

Integration, Evolution & Platform Ownership

  • Ensure secure integration of IAM with enterprise systems (apps, directories, cloud platforms, federation/SSO, MFA), working closely with engineering, infrastructure, and application teams
  • Evaluate and implement IAM enhancements (e.g., improved workflows, connectors, MFA/SSO patterns, passwordless/JIT), manage changes through defined CAB and change management processes
  • Own vendor relationships and licensing for IAM/PAM tools, manage upgrades/patching, and ensure platform scalability, reliability, and performance

QUALIFICATIONS REQUIRED

Education

  • Bachelor’s degree in Computer Science/Engineering, Cyber Security, Software Engineering, or related academic field

Certifications

  • Industry certifications such as CISA, CISSP, or ISO 27001 LA/LI are a plus

Experience

  • Minimum of 5 years of experience in Cyber Security, User Access Review and Management, Privileged Access Management, or related fields

Technical Knowledge & Skills

  • Solid understanding of IAM and PAM tools like CyberArk, BeyondTrust and any other access management and access review tools
  • Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS)
  • Experience in User access right review processes and procedures, User Matrix Setup, and management
  • Basic knowledge of Incident management and Troubleshooting
  • Understanding of ICT infrastructure, networks, and application administration
  • Analytical and problem-solving skills, especially in identifying and mitigating security risks
  • Ability to work collaboratively within cross-functional teams
  • Basic project management and documentation skills
  • Strong foundation of the required skills and knowledge through projects, programs, and related experience

CRDB COMMITMENT

CRDB Bank is dedicated to upholding Sustainability and ESG practices and encourage applicants who share this commitment. The Bank also promotes an inclusive workplace, hence applications from women and individuals with disabilities are encouraged.

Important Note: CRDB Bank does not charge any fees for the application or recruitment process, and any requests for payment should be disregarded as they do not represent the bank’s practices.

Only shortlisted candidates will be contacted.

How to Apply:

 To submit your application, please follow the link provided below.

CLICK HERE TO APPLY

To apply for this job please visit careers.crdbbank.co.tz.

Spread the love

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by