2 Job Positions at Development Bank of Rwanda (BRD): (Deadline 19 July 2024)

Background Information

Job Title:  Information Security Analyst

Job Grade: 6

Department: CEO’s Office

Reports to: Senior Manager Information Security and Risk

Contract Terms: Open-ended

Purpose of the Job:

The Information Security Analyst Job function will more into performing penetration tests, manual and automated vulnerability assessment scans on applications and IT infrastructure, risk assessments and code reviews. S/he will also be responsible for implementing remediation of the identified vulnerabilities in applications and supporting infrastructure. will conduct research on threats and attack vectors that impact web applications, bank’s IT infrastructure and mobile applications.

Key Responsibilities:

• Provide security guidance to the application development team on various areas including secure coding techniques, process and tools, security testing support and release.
• Drive and perform application security training, requirements & standards, static & dynamic security testing
• Lead the application security design reviews for new applications to be developed and services.
• Providing DevOps security solution integration with various security test tools
• Conduct effective vulnerability management through VAPTs for all bank’s applications whether newly acquired and existing to ensure vulnerabilities are timely detected and managed.
• Perform source-code reviews and threat modelling the SDLC of the applications
• Assessing application security solutions proof of value through conducting proof of concept
• Participate in the architecture of mobile and web applications including interface and database design, process and API flows, networking, cloud infrastructure, protocol communication, security and appropriate technology use.
• Support the operationalization of the Security Operation Center (SOC) and implementation of ISO 27001:2022 ISMS
• Simulating an attack on the system and IT infrastructure to find exploitable weaknesses
• Establish and manage relations with vendors and related equipment suppliers
• Develop and communicate the Security Service catalogue
• Administer network and system monitoring tools and report attempted attacks to inform recommendations on further mitigation measures
• Perform detailed analysis of incidents and implement recommended mitigation
• Conduct monitoring controls on the Applications and Databases to ensure access management is based on the least privilege principle.
• Perform security reviews for access management of core banking and applications hosted on cloud
• Develop and review policies and procedures for applications/software development

Performance Indicators

• Advanced knowledge in using VAPT tools like Kali Linux tools and other Web Vulnerability and security scanning tools
• Experience working with Web Applications, Web Services, and Service Oriented Architectures
• Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)
• Familiarity with the OWASP framework and application security best practices
• Strong understanding of SDLC principles.
• Strong analytical, documentation, and interpersonal skills
• Knowledge of encryption technologies (web, database, and file).
• Knowledge of identity and access management and its application in an enterprise
• Understanding of information security risks in financial services.

Professional, academic qualifications and experience

• Bachelor’s degree in computer science, computer engineering, information systems or any other relevant degree.
• Master’s degree in information security field is an added value
• Information security certifications is an added advantage like ISO Lead Implementer, Lead Auditor, CEH or any other related professional recognized certifications
• At least 1 years of experience in conducting VAPT

Other Competencies

• Good communication & analytical skills
• Good time management & team player
• High level of ownership of the assignments
• Flexible to work under changing environment

Background Information

Job Title:  Export Credit Guarantee Facility Senior Manager

Job Grade: 4

Department: Strategy

Reports to: Chief Executive Officer

Contract Terms: 5 years renewable

Purpose of the Job:

The Senior Manager will be responsible for coordinating and overseeing the implementation of the Export Credit Guarantee Facility (ECGF) within BRD. This role involves managing all aspects related to the ECGF program, ensuring its effective operation, and supporting exporters in accessing credit guarantees.

Key Responsibilities:

• Develop and implement strategies for the successful execution of the ECGF project.
• Build up and manage the new team internally set up by BRD which will be responsible for the implementation of the ECGF; this includes a lead role in the internal recruitment and coaching of other ECGF staff.
• Collaborate with internal teams to integrate ECGF processes into existing operations.
• Collaborate with the team of the external Implementation Consultant (IC) which will support the build-up and operation of the ECGF (including the drafting and continual review of the ECGF Operations Manual).
• Lead the acquisition of PFIs and the negotiation of framework agreements with interested PFIs which meet the ECGF’s criteria.
• Evaluate applications for credit guarantees and make informed decisions on their approval (in accordance with the decision-making rights defined in the ECGF Operations Manual).
• Monitor and assess the performance of the ECGF identifying areas for improvement.
• Maintain relationships with stakeholders, including government agencies, the National Bank of Rwanda (with respect to the regulatory treatment of the guarantees issued by the ECGF) and participating financial institutions.

Performance Indicators

Performance as a Senior Manager coordinating the ECGF implementation will be assessed based on key performance indicators related to program effectiveness, stakeholder satisfaction, risk management, and financial outcomes.

Professional, academic qualifications and experience

• A bachelor’s or master’s degree in finance, economics, business administration, or a related field.
• Extensive experience in banking, finance, or trade finance, with a focus on credit guarantee programs.
• In-depth and up-to-date knowledge of the Rwandan banking and (M)SME finance sector including Rwandan banking regulations.
• Strong knowledge of export financing mechanisms and international trade practices is desirable.
• Excellent analytical skills and the ability to make sound judgments on credit applications.
• Effective communication skills to engage with diverse stakeholders.