Vacancies at NCBA Group

Job Purpose Statement

• The role is responsible for identifying unmet customer needs and commercialization opportunities, and executing approved and prioritized roadmaps by collaborating with interdisciplinary teams to create, design and deliver high impact innovative products from concept to market, in order to create seamless digital finance customer journeys that increase conversions/transactions, improve experience, generate additional revenue and lower cost to serve.

The role is also responsible for collaborating with client facing teams and Marketing to promote activation and usage of Digital Finance products to increase DAU (Daily Active Users) and ARPU (Average Revenue Per Customer) through Data driven analytics.

Key Accountabilities (Duties and Responsibilities)

Job Specifications

Academic:

University degree with Upper 2nd Class and any other relevant Professional qualifications.

Professional:

• A qualification in technology related field, Data analysis or Project management is required.
• Proficiency in MS Office with advanced Excel qualification is required.

Desired work experience:

• 6-8 years’ experience in Banking or digital financial services, with at least 2 years delivering or handling customer facing digital solutions in a Product, Project Management, Data Analysis or IT applications function.
• Experience working with technology driven financial products and solutions.
• Experience working in cross-functionally project teams.
• Ability to communicate effectively with both technology and business teams.
• Knowledge of product management methods and processes and a good understanding of emerging technology and big data platforms

go to method of application »

Job Purpose Statement

The Cybersecurity Assurance Specialist role will be responsible for conducting General IT Controls (GITC) assessments within production systems. This proactive role aims to audit production environments before compliance teams flag potential issues, ensuring vulnerabilities, gaps, and misconfigurations are identified and remediated. The primary focus will be on auditing critical IT controls and configurations to maintain and enhance the organization’s security posture. For issues that cannot be immediately addressed, the role will ensure they are properly documented in the Risk Control Self-Assessment (RCSA) for further remediation and mitigation. 

Key Accountabilities (Duties and Responsibilities)

Proactive GITC Auditing and Vulnerability Identification 30% 

• Conduct regular audits of production systems to assess GITC and identify gaps in configurations, security controls, and vulnerabilities. 
• Perform a thorough review of access controls, system configurations, data integrity, and compliance with internal policies and industry standards. 
• Identify security risks and proactively recommend appropriate remediation actions to mitigate threats. 

Risk Control Self-Assessment (RCSA) Documentation 30% 

• Work closely with Governance and Compliance teams to document key findings in the RCSA. 
• For any gaps or issues that cannot be immediately resolved, ensure they are properly recorded and tracked in the RCSA, with clear action plans for resolution. 
• Continuously review and update the RCSA to reflect the current security and compliance posture of production systems. 

Collaboration and Reporting 20% 

• Provide regular reports and recommendations to management and stakeholders on the status of audits, security risks, and remediation efforts. 
• Collaborate with internal teams such as the IT, security, and operations teams to ensure that gaps are effectively closed and issues are remediated in a timely manner. 
• Support ongoing compliance initiatives by providing insights into security vulnerabilities and assisting with external audits. 

Support and Continuous Improvement 20% 

• Assist in the preparation and execution of internal penetration tests and security assessments. 
• Continuously assess and improve the current auditing and testing processes for efficiency and effectiveness. 
• Provide recommendations on tools, processes, and methodologies to enhance the security posture of production systems. 

Job Specifications

• Minimum of 4 years of experience in IT auditing, specifically in GITC, vulnerability assessments, and security controls within production systems. 
• Strong knowledge of security frameworks, regulatory standards (ISO 27001, NIST, SOC 2, GDPR), and security testing tools. 
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field; certifications such as CISA, CISSP, or CISM are preferred. 
• Experience as an IT Auditor in GITC, with expertise in auditing production systems, access controls, and the general audit lifecycle. 
• Strong attention to detail, communication skills, and ability to identify and resolve risks proactively. 
• Excellent analytical and problem-solving skills, with the ability to manage multiple audit tasks and collaborate with cross-functional teams. 

go to method of application »

The role holder leads business analysis and solution architecture activities across enterprise initiatives to ensure delivery of secure, scalable, fit-for-purpose, and architecture-aligned technology solutions for the Bank. The role is responsible for translating business priorities, customer and operational needs, and regulatory requirements into clear requirements, process designs, and solution options that support effective decision-making and disciplined execution. This includes shaping functional and non-functional requirements, reviewing solution trade-offs, and ensuring alignment to enterprise architecture, data and integration principles, operational resilience expectations, and information security standards.

The role also strengthens delivery governance by working closely with Business, Technology, Risk, Security, Operations, and vendors to improve solution quality, reduce rework, accelerate implementation, and enhance value realization across Group programmes and change initiatives.