Vacancies at National Bank of Kenya

Position Scope:

The role holder will be responsible in assisting to oversee the bank’s operational risk management function, ensuring that risks arising from people, processes, systems, and external events are proactively identified, assessed, controlled, monitored, reported and mitigated in alignment with regulatory requirements, internal policies, and industry best practices and the bank’s risk appetite. In addition, the role focuses on ensuring the bank has a robust framework for strengthening internal controls and robust operational resilience while promoting a strong and intelligent risk culture

Key Responsibilities:

• Leading and overseeing the Operational Risk Management Framework —
• Developing, implementing, maintaining, reviewing, and updating policies, procedures, standards, and the overall ORM framework to ensure it remains effective and compliant with internal standards and external regulations.
• Providing second-line oversight — Independently challenging and monitoring the first line (business units) to ensure they proactively identify, assess, manage, mitigate, and monitor operational risks.
• Risk identification and assessment — Driving processes to identify emerging and material operational risks across the organization (e.g., through risk assessments, scenario analysis, risk and control self-assessments (RCSA), and key risk indicators).
• Monitoring and reporting — Establishing monitoring mechanisms for the risk and control environment; producing regular risk reports, dashboards, and escalations to  senior management and executive committees on operational risk exposure, trends, and issues.
• Incident and loss management — Overseeing the investigation, analysis, and reporting of operational risk incidents/events/losses; ensuring root causes are identified and corrective/preventive actions are implemented and tracked.
• Governance and advisory role — Advising senior leadership on operational risk matters; supporting risk committees; influencing action plans to improve controls and reduce risk exposure.
• Regulatory compliance and interaction — Ensuring alignment with regulatory expectation; preparing for and responding to regulatory reviews or audits related to operational risk.
• Third-party, conduct, resiliency, and specialized risk oversight — managing or contributing to related areas like third-party risk, business continuity/resiliency, fraud, technology/cyber risks, process management, and conduct risks.
• Team leadership and culture — Building, leading, and developing a team of operational risk professionals; fostering risk awareness and a strong risk culture through training, communication, and collaboration across business lines and functions.
• Stakeholder engagement — Collaborating with other risk functions (e.g., credit, market, compliance), internal audit (third line), business units, and external stakeholders to ensure a holistic approach to enterprise risk management. Innovation: Keep abreast with emerging risks and new technologies that impact the bank and proactively offer solutions to mitigate

Skills & Experience:

• A Bachelor’s Degree in business or related field from a recognized University.
• Masters’ degree would be added advantage.
• Professional certifications such as ORM, IRM, FRM, PRM, or CRM are an added advantage.
• Eight (8) years’ working experience in a commercial bank or financial institution risk related environment, 5 of which should be in Operational risk management.
• Experience in engaging C-level management and senior executives in facilitating decision making and reporting.
• Strong understanding of risk management standards and frameworks and their applications.
• Experience with projects risk assessments with demonstrated ability to conduct project risk assessments.
• Excellent written and verbal communication, presentations skills and team player.
• Discretion in handling confidential information
• Collaboration: forms business partnerships that help drive the Bank’s Assurance agenda.
• Good knowledge of Banking laws and regulations
• Analytical thinking capability.
• Report writing and communication skills.
• Stakeholder Management

go to method of application »

Position Scope:

• Responsible for implementation, upgrade or monitoring of the cybersecurity plans, perimeter and systems infrastructure and systems in line with IT security policies and procedures and in a manner that provides effective assurance, protection and security of Bank systems, business and customer  data/information whilst assuring continuity of business.

Key Responsibilities:

• Implement plans and actions that ensure the Bank’s adherence the CBK regulatory requirements of Cybersecurity oversight in the Bank
• Develop and implement cybersecurity plans, systems and procedures to secure the Bank’s ICT Infrastructure and systems
• Implement and monitor IT cybersecurity standards that pertain to ICT devices and systems to ensure infrastructure and system protection, health and uptime.
• Implement and monitor IT cybersecurity standards that pertain to business systems and user management: changes, access and authentication and systems action logging
• Take action to ensure, correct or report cybersecurity attacks, destructive/unauthorized access and continuous protection.
• Perform risk assessments and execute tests to sustain and maintain cybersecurity standards for the ICT infrastructure and systems and take correction measures thereof.
• Ensure compliance to the Bank policies, procedures, regulatory standards and guidelines
• Any other duties that may be assigned by the supervisor

Skills & Experience:

• Bachelor’s Degree in IT/Business related field from a recognized university
• Certified Ethical Hacker certification (CEH) is an added advantage
• Cybersecurity Security Standards/Management Certification that relate to current technologies.
• Professional banking courses are an advantage
• Project management certification
• Five (5) years in an IT environment in a financial or telco industry with at least three (3) years in Cybersecurity Management
• Leadership and management-ability to lead, mentor and coach staff to goal definition and achievement
• Excellent communication skills; articulate in communicating to both internal and external stakeholders at level levels.
• Professionalism –maintains a professional approach based on ethics and NBK values
• Integrity, honesty and ethics- ensures ethical practices and integrity and ensures NBK is not put at reputational risk
• Building consensus and influencing-ability to influence various players across all NBK departments
• Customer orientation-is customer focused striking a solid balance between external and internal customer orientation
• Resilience –is able to withstand operational challenges and maintain momentum
• Multi-tasking; able to manage several concurrent assignments and prioritise demands.
• Flexibility and adaptability; ability to keep pace with latest technology and trends in addition to new security requirements.
• Proactive and positive attitude, highly motivated and self-directed; ability to work in a team environment or independently
• Knowledge of IT Governance Standards
• Experience in core banking systems
• Systems Administration experience
• Knowledge on file processing and file formats
• Experience in ICT security standards and data management
• Experience in cybersecurity regulatory and industry standards