Overview
CRDB Bank Plc is an African bank and a leading Financial Services Provider in Tanzania with current presence in Tanzania and Burundi, East Africa. The Bank was established in 1996 and was listed on the Dar Es Salaam Stock exchange (DSE) in June 2009. Over the years, CRDB Bank has grown to become the most innovative and preferred financial services partner in the region. Supported by a robust portfolio and uniquely tailored products, CRDB Bank remains the most responsive bank in the region. CRDB Bank offers a comprehensive range of Corporate, Retail, Business, Treasury, Premier, and wholesale Microfinance services through a network of 260 branches, 551 ATMs, 18 Depository ATMs, 12 Mobile branches and 1184 Point of Sales (POS) terminals. Similarly, the bank has scores of Microfinance partners and institutions through which pertinent services are rendered to all customers. We currently have 450 Microfinance partner institutions. CRDB Bank was the first to offer Agency Banking services in Tanzania at the beginning of 2013 and we now have 3286 FahariHuduma agents across the country. The Bank also operates through Internet and mobile banking services.
Reporting Line : Manager IAM
Location : Tanzania Head Office
Department : Cybersecurity Unit
Number of openings : 1
Job Purpose
Leading the design, implementation, and operational maturity of the bank’s cybersecurity technologies and security architecture.
Provide strategic and technical leadership in building resilient, scalable, and secure infrastructure that protects the bank’s digital assets across on‑premise, hybrid, and cloud environments.
Ensure all security solutions are aligned with regulatory requirements, international standards, and the bank’s cybersecurity strategy.
Cooperate with Technology, Digital Channels, Enterprise Architecture, Risk, and Business Leaders to embed security by design into systems, integrations, and new technology initiatives enabling secure innovation and reducing cyber risk exposure across the enterprise.
Principle Responsibilities
- Alignment with enterprise security goals and regulatory requirements.
- Define and maintain security architecture standards, security patterns, reference designs, and engineering best practices.
- Oversee the secure design of new systems, integrations, APIs, cloud deployments, and digital services.
- Drive adoption of Zero Trust principles, secure‑by‑design practices, and modern security engineering frameworks.
- Ensure that all security controls are robust, resilient, measurable, and integrated into technology ecosystems.
- Oversee the engineering and lifecycle management of identity and access management solutions, including MFA, SSO, directory services, and privileged access management.
- Ensure strong access governance practices across all platforms including cloud, on‑premise apps, CBS, digital channels, and third‑party integrations.
- Provide technical leadership on all major technology and digital transformation projects, ensuring security controls are built into solutions from concept to deployment.
- Review and approve high‑risk technology changes from a security perspective.
- Support technology modernization initiatives such as cloud migration, core banking upgrades, and API expansion with robust security engineering practices.
- Ensure vendor tools and solutions meet security engineering standards before deployment.
- Ensure all security engineering controls comply with local regulatory requirements (e.g., BOT Cybersecurity Guidelines, TCRA Requirements, Data Protection Laws).
- Support regulatory reviews, audits, penetration tests, and assurance activities through well-documented, repeatable, and auditable engineering processes.
Qualifications Required
- Bachelor’s degree in computer science/engineering, Cyber Security, Information Technology or related academic field.
- Industry certifications such as CISSP, CEH, OSCP, CISA or CSSLP, ISO 27001 LA/LI are a plus.
- Minimum of 7 years of experience in the Cybersecurity industry.
- Strong foundation of the required skills and knowledge through projects, programs and related experience.
- Familiarity with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS, Zero Trust).
- Understanding of ICT infrastructure, networks, and application development.
- Endpoint/EDR, vulnerability & patching tools.
- Network security (firewalls, micro segmentation, WAF, IPS/IDS).
- Database/data security (encryption, masking, auditing).
- App/Integration security (APIs, ESB, channels, CI/CD security).
- IAM/PAM platforms and identity standards.
- ITIL principles for reliability in security tooling.
- Strategic leadership, stakeholder influence, and communication.
- Financial acumen (budgeting, vendor negotiation).
- Analytical and problem-solving skills, especially in identifying and mitigating security risks.
- Basic project management, Change management in complex environments. and documentation skills.
CRDB Commitment
CRDB Bank is dedicated to upholding Sustainability and ESG practices and encourage applicants who share this commitment. The Bank also promotes an inclusive workplace, hence applications from women and individual with disabilities are encouraged.
It is important to note that CRDB Bank does not charge any fees for the application or recruitment process, and any requests for payment should be disregarded as they do not represent the bank’s practices.
Only Shortlisted Candidates will be Contacted.
Deadline : 2026-02-12
Employment Terms : Permanent
How to Apply: CLICK HERE TO APPLY