2 Job Positions at Development Bank of Rwanda (BRD): (Deadline 29 May 2023)

1.      Background Information

Job Title: Internal Audit Specialist

Current Grade: JG 5

Divisions/ Department: Internal Audit

Reporting  to: Head, Internal Audit

Direct Report: N/A

Indirect Reports: N/A

2.      Contract Terms – Open Ended

3.      Purpose of the Job

The purpose of the job is to support the Head of Internal Audit in ensuring that the Audit Function delivers a high-quality assurance services to the Bank. The position Holder is responsible for planning, executing Risk based Audit assignments in accordance with the approved Annual Plan and relevant policies, procedures and quality standards. The position holder is responsible for the quality of the audit work performed and the efficiency and effectiveness of Bank’s processes.

The success in this role requires experienced personnel with track record of auditing preferably from a financial institution, the Supreme Audit Institution or in an internationally Accredited Audit firm, coupled with the ability to multi-task and meet deadlines while exercising sound audit methodology. The incumbent needs to have passion for strong work ethic, demonstrate integrity and excellent working relationship with all the Bank’s stakeholders. The job requires having sufficient understanding of each facet of Banking business operations and information systems to be able to make meaningful analysis and recommendations, which add value to the business. The job also requires good persuasive skills to sell the audit recommendations to Management

4.      Main Responsibilities of the Job

• Assist the Head of Internal Audit function to develop an annual Audit Strategy and plan that is practical and cuts across the entire organization
• Draw up plans for the assigned individual audit projects/activities
• Coordinating Audit entrance and exit meetings and leading the discussions
• Leads the Audit assignments in executing the audit plan within the given timelines while meeting the required quality expectations.
• Recognizing and identifying the adequacy and effectiveness of the systems of internal controls, the compliance with laws and regulations, fiduciary responsibilities and the reliability management information utilized in decision making.
• Timely submission to the line Manager, the audit deliverables in the agreed reporting format
• Lead the production and presentation of the periodic audit reports that capture the major findings and resultant recommendations or remedial actions.
• Following up audit recommendations to ensure timely implementation/action and mitigation of identified risks.
• Build relationships with key stakeholders to understand their current and future business needs, challenges and enable a smooth working relationship
• Conduct any special tasks as requested by Line Manager and/or Management
• Any other assignment from the Line Manager or the Management of the Bank.

5.      Performance indicators

• Quality and timely reports
• Reliability of formulated audit recommendations
• Quality and timely follow up reports on implementation of audit recommendations

6.      Working relationships

a)      All departments

b)     All BRD stakeholders

c)      Customers

7.      Professional, academic qualifications and experience

a)      Bachelor’s Degree with a professional qualification like ACCA, CPA or CIA completed

b)     A minimum of 5  years’ experience in auditing preferably in a financial institution, the Supreme Audit Institution or in an internationally accredited audit firm.

8.      Core competencies

a)      To carry out audits with absolute honesty, candidness and behaving beyond suspicion and reproach and provide unbiased and factual audit conclusions, opinions and reports

b)      Demonstrating competence, skills, and sound judgment, responsibility, high level of secrecy, good conduct and behavior

c)       Introducing new ideas and methods of providing audit services to remain relevant in a dynamic audit environment

d)      Strong quantitative, capable of interpreting multiple data streams and uncovering insightful conclusions

e)      Good Corporate governance awareness and knowledge on international best practice standards in financial reporting (IFRS), IIA Standards and corporate governance.

f)        Skilled at problem solving, recommending practical solutions, and influencing key stakeholders to drive successful implementation

g)      Strong strategic mindset, critical thinking and analytical skills with good knowledge of Microsoft programs, especially MS Excel

h)      Good IT skills in developing scrip for the data extraction and data analysis and use of analytics tools

i)        Good communication skills (written and oral) in English and Kinyarwanda. Excellent report writing

j)        Ability to work both independently and in a team under tight deadlines

k)      Demonstrated team leadership, organizational and managerial skills

l)        Excellent coordination skills and experience in working with multiple groups of people simultaneously.

m)    Strong interpersonal skills and orientation as a team member.

n)      Excellent management of conflicts and ability to influence decision making at all levels.

o)      Open minded with the ability to learn in a dynamic environment.

1.      Background Information

Job Title: Information Security officer

Current Grade: JG 6

Divisions/ Department: CEO’s Office

Reporting to: Manager – Information Security

2.      Contract Terms – Open Ended

3.      Purpose of the Job

The purpose of an information security officer is to provide protection of the Bank’s information systems and data from unauthorized access, use, disclosure, disruption, modification, or destruction.

He/She will be responsible for implementing and enforcing security strategies, policies, and procedures, conducting risk assessments, monitoring security incidents, and ensuring compliance with relevant laws and regulations.

4.      Main Responsibilities of the Job

• Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
• Ensure access to the Bank’s information is limited to appropriate individuals.
• Analyses digital evidence and investigates computer security incidents.
• Enforce SLAs to ensure incidents are closed by relevant parties in timely manners.
• Participate in the change management process.
• Monitoring and ensuring compliance with data protection laws and regulations and other applicable laws and regulations.
• Provide advice and guidance to the Bank and its employees on data protection matters.
• Conduct regular data protection risk and impact assessments and advise on risk mitigation strategies.
• Ensure that data protection policies and procedures are up to date, communicated to relevant employees, and implemented effectively.
• Serve as the point of contact for data subjects and supervise authorities on data protection matters.
• Coordinate with other departments, such as IT and legal, to ensure data protection compliance across the organization.
• Maintain records of data processing activities and data breaches and report to supervisory authorities as required.
• Confirm availability and recoverability of the Bank’s critical data for business continuity
• Ensure vulnerabilities are periodically identified, tested, and reported.
• Follow up on vulnerability re mediations to ensure that all loopholes are closed in timely manners.

5.      Performance indicators

• Information security vulnerability reduction
• Compliance and audit results
• Incident response time
• Policies and procedures adherence
• Professional development, etc

6.      Working relationships

• All departments
• All BRD stakeholders
• Customers

7.      Professional, academic qualifications and experience

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or any related field
• Information security and data privacy related professional certification such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH) and/or Certified Information Privacy Professional (CIPP).
• Previous experience in a security-related role such as information security analyst, security consultant, network administrator, or system administrator for a minimum period of 2 years preferably in the banking sector will be a plus.

8.      Core competencies

• Familiarity with security technologies, tools, and best practices.
• Understanding of information security principles, standards, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework).
• Knowledge of network protocols, system vulnerabilities, and attack vectors.
• Proficiency in risk assessment and management methodologies.
• Familiarity with security technologies such as firewalls, intrusion detection systems, access controls, encryption, and endpoint security.
• Knowledge of applicable laws, regulations, and compliance requirements.
• Excellent communication and interpersonal skills to effectively collaborate with stakeholders across the Bank.