Vacancy title:
ICT Risk Manager

[Type: FULL_TIME, Industry: Finance, Category: Computer & IT, Management]

Jobs at:
National Bank of kenya

Deadline of this Job:
Friday, November 7 2025

Duty Station:
Nairobi | Nairobi | Kenya

Summary
Date Posted: Thursday, October 30 2025, Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about National Bank of kenya
National Bank of kenya jobs in Kenya

JOB DETAILS:

Position Title: ICT Risk Manager
Postion Scope:
The role holder will be responsible for supporting the risk identification and management
process across all aspects of Information Technology for the Bank, updating the executive
management on the results of the risk assessment and making recommendations for
mitigations to protect the Bank systems or cover potential financial losses.
Key Responsibilities:
• Develop and implement an ICT Risk Management Framework;
• Conduct system vulnerability tests in line with Bank policies and global standards and
report to management on vulnerability and protection against cyber-attacks;
• Identify and assess ICT risks, design mitigation controls and monitor the risks till
closure;
• Clearly document and define risks and their potential impact alongside the statistical
probability of such an event, and identify systems affected by the defined risk;
• Develop ICT risk management guidelines to be used by all Divisions of the Bank;
• Conduct system penetration testing during various stages of the system development
lifecycle to ensure integrity, availability and assurance of the systems and technical
processes;
• Perform a review on compliance with ICT security policies across the technology
ecosystem;
• Evaluate IT security policy, processes and procedures for completeness and
applicability;
• Evaluate IT service management policies, processes and procedures for
completeness and applicability;
Public Data
• Work closely with Business functions to identify risks in products that use digital
platforms;
• Conduct fraud assessments on technology platforms in line with the Fraud Risk
Management Policy;
• Keep abreast with current advances in all areas of ICT security;
• Continuously evaluate communication security, data vulnerability, business
continuity; and examine employee compliance with security controls and
deficiencies.
Skills & Experience:
• A Bachelor’s Degree in Computer Science, IT or related field from a recognised
University.
• Masters’ degree would be added advantage
• Certified in Risk and Information Systems Control (CRISC) or equivalent preferred.
• 3-5 years of related experience with an emphasis on ICT Risk
• CISA professional certification.
• Membership of IIA/ISACA is preferred.
• Ability to conduct data mining, data analysis and reporting.
• An intermediate understanding of networking concepts.
• Intermediate understanding of security appliances including but not limited to Intrusion
Detection System (IDS), Intrusion Prevention System (IPS), Firewall, and Security
Information and Event Management (SIEM) systems
• Analytical, objective and ability to describe complex technical concepts and ideas in
non-technical terms
• Understanding of ICT risk management, processes and associated control
requirements.
• Innovation; able to keep up with trends of meeting the demands of internal and
external customers and controls thereof.
• Collaboration; forms business partnerships that help drive the Bank’s Assurance
agenda.
• Good knowledge of Banking laws and regulations
• Analytical thinking capability.
• Report writing and communication skills.
• Stakeholder Management

Work Hours: 8

Experience in Months: 36

Level of Education: bachelor degree

Job application procedure
Interested in applying for this job? Click here to submit your application now.

Send your CV and application letter showing how you meet the role requirements stated above by Friday, 7th November 2025

Indicate Name & Job Reference No. NBK/Risk/01/2025 on subject.

Please note that applications received after the deadline will not be considered.

Only shortlisted candidates will be contacted for the next stage/s of the process.

All Jobs | QUICK ALERT SUBSCRIPTION