Senior Manager Internal Audit ICT & Project Audits at NMB Bank Tanzania

Responsible for leading and managing ICT, Cybersecurity and Project Audits within the Internal Audit department of the bank. This role entails the development and implementation of Internal Audit strategy on audits, ICT, Cybersecurity and Projects audits of critical bank's processes, providing insights into risk management, compliance, and operational efficiency.

Provide leadership and work closely with audit teams, ICT, and business units to ensure that ICT, Cybersecurity and project audit practices are effectively integrated into the audit process to enhance audit quality and effectiveness. The position also provides support to other auditors within the Internal Audit department in carrying out business process audits in accordance with Bank's policies and procedures, state laws, and contractual obligations regarding privacy and security in data processing areas.

Main Responsibilities:

• Lead the development and execution of ICT and Project audit strategy in alignment with the Internal Audit departments goals.
• Provide leadership, mentoring, and guidance to the ICT and Project audit team, fostering a culture of continuous improvement and innovation.
• Collaborate with audit teams to identify opportunities where ICT can add value and improve audit outcomes.

Audit Planning and Execution

• Develop and implement an annual risk-based Internal Audit plan aligned with business objectives and risk assessments.
• Lead end to end the execution of ICT risk based annual audit plan from planning, execution, and reporting.
• Assess the design and effectiveness of ICT governance and Cybersecurity internal controls to mitigate material risks and provide assurance on the confidentiality, integrity, and availability of ICT systems of the bank.
• Assess ICT risk management strategies and recommend improvements to enhance system security and operational resilience. governance structures, cybersecurity frameworks, and risk management strategies.
• Perform vulnerability assessment, penetration testing and compliance audits for ICT systems and networks.
• Ensure that audits align with industry's best practices (e.g., COBIT, NIST, ISO 27001, ISO 27701, CIS, ITIL).

Stakeholder Collaboration

• Engage and manage internal and external stakeholders on strategic audits and communication and advise on the risk management and control environment.
• Provide strategic insights to improve ICT, Cybersecurity, and Project governance practices at the bank
• Communicate complex ICT, project and Cyber findings and audit results to non-technical stakeholders, providing actionable recommendations.
• Partner with first line and second line of defense to identify and mitigate ICT and Cyber-related risks and improve ICT and Cybersecurity internal controls.

Continuous Improvement

• Stay current with emerging trends and best practices in ICT and Cybersecurity audit methodologies.
• Evaluate and recommend new ICT and Cybersecurity tools, technologies, and methodologies to enhance the audit function.
• Monitor and assess the effectiveness of ICT and Cybersecurity in the audit process, adjusting as necessary.

Reporting & Documentation

• Prepare and present clear, concise, and insightful audit reports and dashboards to the senior management and the Board audit committee.
• Ensure that all ICT and Cybersecurity audit activities are properly documented and comply with relevant standards and regulations.
• Maintain accurate records of data sources, methodologies, and analysis to support audit conclusions.

Training & Support

• Develop and provide training and support to the ICT and Cybersecurity audit team on the use of ICT and Cybersecurity tools and techniques.
• Share best practices and foster a culture of data-driven decision-making within the audit function.

Knowledge and Skills:

• Business understanding of core banking processes, experience with audit performance and leadership, Audit cycle and framework, Enterprise-Wide Risk Management, Internal Audit (IA) best practices, with knowledge of Internal Audit standards issued by the Institute of Internal Auditors

Technical

• Excellent knowledge of internal audit practices
• Audit expertise and worked in different environments and audit leadership.
• Strong knowledge of IT governance frameworks, security standards, and best practices.
• Understanding of data privacy regulations/laws such as PDPA and GDPR
• Familiarity with cybersecurity threat landscapes, ethical hacking techniques and emerging IT risks.

Behavioral

• Strong analytical and problem-solving skills with the ability to translate complex data into actionable insights.
• Excellent communication, report writing and presentation skills, with the ability to explain technical concepts to non-technical audiences.
• Strong project management skills, with the ability to manage multiple priorities and meet deadlines.
• High level of integrity and professionalism with a commitment to quality and continuous improvement.
• Building a Successful Team, Coaching, Delegating Responsibility, Developing Others, Gaining Commitment, Leading through Vision & Values, Work Standards.

Qualifications and Experience:

• Bachelor's degree in information technology, Computer Science, Cybersecurity, Accounting, Finance, Economics or related fields.
• Masters' degree or professional certifications such as ACCA, CPA, CISA, CISSP, CDPSE, CRISC, CISM, CEH, ISO 27001 Lead Auditor is an added advantage.
• Minimum of 5 years' (RM1.1)(TM1.2)experience in Auditing, IT audits, Cybersecurity audits, or risk management.
• At least 3 years' experience in a leadership role, managing teams, and leading audits and Project initiatives.
• Hands-on experience with SIEM tools, vulnerability scanners, security monitoring systems and automated testing technologies.
• Experience with cloud security, data privacy, IT general controls, penetration testing, and digital forensics is an advantage.
  
  
  NMB Bank Plc is an Equal Opportunity Employer. We are committed to creating a diverse environment and achieving a gender balanced workforce.
  Female candidates and people living with disabilities are strongly encouraged to apply for this position.
  
  NMB Bank Plc does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it.
  
  Only shortlisted candidates will be contacted.

Job opening date : 24-Nov-2025

Job closing date : 09-Dec-2025