Principal IT Governance Officer

The National Social Security Fund (NSSF), which is the leading provider of social
security services in Tanzania, is hereby inviting applications from suitably qualified,
dynamic and motivated Tanzanians to immediately fill vacant positions currently
existing in the Fund.

Position: Principal IT Governance Officer (1)

Report to: Systems and Application Manager

Job Purpose
Accountable for reducing to a minimum the required Capital Allocation Risk for all
function units under DIT, which include but are not limited to Technology, Fund
Operations Risk, Change, Projects, business interface, innovation, etc.
Ensuring that Operational Risk policies, standards, processes and procedures are
embedded within the Directorate.
Coordinating the improvement of the control environment so as to reduce operational
risk exposure.

Key Duties and Responsibilities
1. In line with Enterprise Risk Management (ERM) framework, develop a control
framework for each of the key functions under the DIT area.
2. Develop an implementation and embedment plan, execute and deliver the plan
within the agreed timeframe in line with the approved Control framework.
3. In line with best practice and international frameworks related to data, information
security and overall systems security, develop an enterprise-wide Security
Strategy to ensure protection of the Fund's data and information with focus on
confidentiality, integrity and availability of both data and systems.
4. Maintain the Risk and controls policy frameworks within the DIT area and ensure
that they are updated on an annual basis.
5. Define an implementation plan of Operational risks policy by translating policy
statements and concepts into actionable requirements and assigning roles and
responsibilities amongst staff.
6. Engage staff in Risk policy implementation by communicating expectations,
providing coaching and support.
7. Monitor compliance with Operational Risk policy requirements and advise
management of any gaps by conducting periodic reviews.
8. Coordinate the closure of policy gaps by engaging management to define, agree
and monitor progress.
9. Ensure the effective quantification of all risks under DIT area by maintaining a
framework for financial quantification and applying it across Risk incident
10. Ensure the effective communication of DIT Risk profile to all NSSF risk forums by
preparing the relevant reports as per NSSF standards.
11. Review and ensure necessary security, availability, change management controls
are built into all projects; review all systems-related projects before implementation to
verify that all necessary standards controls are in place.
12. Identify and assess operational risks and Controls through the use of NSSF
defined standard frameworks and Industry standard frameworks.
13. Coordinate risk assessments by engaging function risk and control owners on risk
control assessment and ensuring that data is updated to relevant risk
management systems.
14. Reduce risk exposure by identifying and/or validating control improvement plans
as well as opportunities for risk transfer and avoidance.
15. Perform Assurance on Audit/Examination issues pending Issues assurance and
identify any embedment weaknesses and/or implementation gaps by applying
appropriate assurance frameworks.
16. Establish relevant and implementable action plans for pre-audit/audit/
examination/pre-issues assurance remediation through applying appropriate
industry best practice frameworks (e.g. ITIL, COBIT, PCI) and engaging with
Risk/Control owners.
17. Perform any other duty as may be assigned by supervisor.

Job Qualifications and Skills
a) Qualifications and Experience
· Graduate – Computer science/Computer engineering/CISA, preferably
Post-graduate – Computer science/Computer engineering
· 5 years’ experience in audit/security/controls Industry, with experience in
the Risk/Controls/IT/Operations Industry
· Experience in operational Risk management and Assurance
· Experience in operations, process and controls design and IT Governance
· Demonstrated ability to communicate complex issues and concepts in a
simple manner
· Demonstrated ability and experience to develop and defend technical
recommendations and budgetary plans
· Demonstrated experience working in a deadline-oriented environment
managing multiple projects simultaneously
· Demonstrated experience and ability to work effectively in a dynamic,
collaborative and fast-paced atmosphere

b) Skills and Competencies
· Project management
· Process/Operations design and management
· Risk management
· Report writing and Presentation skills
· Systems implementation
· Systems architecture and design
· Systems administration
· Back up/Recovery and Systems continuity
· Understanding of financial sector operational risk management

Mode of application:
Applications in writing enclosing detailed curriculum vitae, certified copies of
relevant certificates, contact address including telephone numbers, email address
and names and addresses of three referees to be addressed to the undersigned.
Please take note of the following:

Applications without latest CVs will not be considered.

Director, Human Resources and Administration
National Social Security Fund,
P.O. Box 1322,

The closing date for submission will be on 15th December, 2014. 
Only shortlisted candidates will be contacted.



