Senior Audit Associate Cybersecurity at NMB Bank Tanzania

Responsible for providing independent assurance over the security of software applications and the Software Development Life Cycle (SDLC), including the review of general SDLC best practices, governance, and process effectiveness, with a strong and explicit focus on conducting Web Application and API Vulnerability Assessments and Penetration Testing (VAPT).

The role is accountable for actively identifying, validating, and assessing security weaknesses in web applications and APIs through hands-on technical testing, and for evaluating whether security best practices are effectively embedded throughout the SDLC to mitigate cybersecurity risks. This includes assessing secure-by-design implementation, secure coding practices, and security controls integrated within development, testing, and deployment processes.

Main Responsibilities:

• Strong knowledge of software development life cycle (SDLC) methodologies, including Agile, DevOps, and secure-by-design principles.
• Good understanding of application and API security concepts, common vulnerabilities, and secure coding practices.
• Solid knowledge of cybersecurity fundamentals, including access control, encryption, vulnerability management, and secure system architectures.
• Working knowledge of industry standards, frameworks, and best practices relevant to application security, SDLC, and cybersecurity assurance.
• Knowledge of internal auditing practices, including risk-based auditing, control assessment, and audit reporting.
• Excellent written and verbal communication skills, with the ability to present complex information to both technical and non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to identify and address software development and security risks.
• Ability to work independently and as part of a team.
• Ability to manage multiple priorities and meet deadlines in a fast-paced environment

Knowledge and Skills:

• Bachelor's degree in Computer Science, Information technology, or related fields.
• Relevant professional certifications such as Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), CISSP, CEH etc. will be an added advantage.
• At least 3 years' experience in Cybersecurity, Software development, Security, Internal/external audit, ICT Audits, data analytics, or a related field.
• Experience in performing software development and security reviews or audits, including reviewing software designs and codes.
• Experience with security tools, such as vulnerability scanners and penetration testing tools.
  
  
  NMB Bank Plc is an Equal Opportunity Employer. We are committed to creating a diverse environment and achieving gender balanced workforce.
  Female candidates and people living with disabilities are strongly encouraged to apply for this position.
  
  NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.
  
  Only shortlisted candidates will be contacted.

Job opening date : 22-May-2026

Job closing date : 05-Jun-2026