Specialist Cybersecurity Governance at CRDB Bank Plc, Dar es Salaam January 2026

Website CRDB Bank Plc

CRDB Bank Plc

JOB VACANCY

CYBERSECURITY GOVERNANCE, RISK & COMPLIANCE (GRC) SPECIALIST

Reporting Line: Manager IAM
Location: Tanzania Head Office
Department: Cybersecurity Unit
Number of Openings: 1
Employment Terms: Permanent
Deadline: 12th February 2026

JOB PURPOSE

Driving the governance backbone of the cybersecurity program, maintaining the policies, standards, procedures & processes, running security awareness & trainings, managing the department risk registers and tracking vendor security & contracts. This role also ensures BCM/DRP alignment with business & security objectives and produces high-quality reports for executive committees, audit, and regulators.

PRINCIPLE RESPONSIBILITIES

Policy & Standards Management

  • Own and maintain the cybersecurity policy framework (policies, standards, procedures, baselines)
  • Coordinate GRC documentation lifecycle (versioning, approval workflow, repository hygiene, periodic reviews)
  • Support policy exceptions process (risk-based approvals, expiry, compensating controls)

Security Awareness & Training

  • Lead the security awareness & training program (annual plan, phishing simulations, targeted training for high-risk roles)

Risk Management

  • Maintain the enterprise cyber risk register (methodology, scoring, KRIs, treatment tracking, dashboards)

Third-Party Risk & Vendor Management

  • Drive third-party risk management (security due diligence, contract clauses, SLAs, compensating controls, payments)
  • Partner with Procurement to ensure security clauses and payment gates for non-compliant vendors

Business Continuity & Disaster Recovery

  • Ensure BCM/DRP integration with cybersecurity (RPO/RTO security dependencies, backup & restore testing, tabletop exercises)

Governance Reporting & Meetings

  • Prepare governance reports & packs for management meetings
  • Facilitate security meetings and committees—agenda, minutes, action logs, and follow-ups

Compliance & Audit Management

  • Maintain compliance mappings and compliance (e.g., NIST CSF, ISO/IEC 27001, PCI DSS, SWIFT CSP, regulatory matrix)
  • Track audit findings and regulatory commitments to timely closure
  • Coordinate with auditors and cross-functional team members to establish security audit scope and schedules, maintain excellent relationships with audit, risk, regulator teams and provide a consistent perspective
  • Provide guidance, evaluation and advocacy on audit findings and recommendations and ensure appropriate mitigation actions are developed and implemented in a timely manner

Budget & Resource Management

  • Manage Cybersecurity budget planning, proposals, changes, resourcing, procurement, and utilization

People Management

  • Champion people’s agenda within the department, including but not limited to allocation/relocation, performance, productivity, training needs, developments and recruitments facilitation

Strategic Alignment

  • Monitor execution of Cybersecurity strategy in alignment with the overall corporate and ICT strategy

QUALIFICATIONS REQUIRED

Education

  • Bachelor’s degree in Cybersecurity, Computer Science, Computer Information Systems, Management Information Systems or related fields

Certifications

  • At least one of the related professional certifications (COBIT, ITIL, CGEIT, CRISC, CISA, ISO27001 LA/LI, PCI DSS)

Experience

  • At least 3 years of experience in Cyber governance and supplier management in banking or similar environment
  • Experience of working in a deadline-oriented environment, managing multiple issues simultaneously
  • Technical handling interaction with employees, auditors, vendors, contractors, and other stakeholders

Technical Knowledge & Skills

  • Cybersecurity governance frameworks (NIST CSF, ISO/IEC 27001, PCI DSS) and their linkage to Tanzania Banking Industry
  • Risk management principles, Audit & compliance lifecycle
  • BCM/DRP concepts
  • Third-party risk management and security contract clauses
  • Analytical, organized, detail focused, Technical knowledge of ICT and Information Security
  • Policy framework design & control mapping
  • Risk register management & tooling familiarity
  • Vendor security assessments & contract review
  • BCM/DRP integration with security requirements
  • Reporting best practices (board-quality metrics), Data visualization for executive reporting (dashboards)

CRDB COMMITMENT

CRDB Bank is dedicated to upholding Sustainability and ESG practices and encourage applicants who share this commitment. The Bank also promotes an inclusive workplace, hence applications from women and individuals with disabilities are encouraged.

Important Note: CRDB Bank does not charge any fees for the application or recruitment process, and any requests for payment should be disregarded as they do not represent the bank’s practices.

Only shortlisted candidates will be contacted.

How to Apply:

To submit your application, please follow the link provided below.

CLICK HERE TO APPLY

To apply for this job please visit careers.crdbbank.co.tz.

Spread the love

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by