Internal Risk & Control Analyst

Application deadline date has been passed for this Job.
This job has been Expired

Internal Risk & Control Analyst

  • Post Date:November 29, 2022
  • Views 677
0 Applications
  • Career Level Analyst
    Qualification Degree
    Experience 1-3 Years
  • Industry Banking
Job Description

Business Unit: Technology Security and Governance
Geographical Area: Zimbabwe
Department: Technology Services
Vacancy Manager: Technology Security and Governance Manager

Purpose of the job

To identify, measure, monitor, and recommend appropriate Technology Services risk mitigants.

Focus Areas

Technology risk, control & monitoring

  • Carries out assessments in preparation for Audit/regulatory inspections.
  • Analyses internal and external audits, fraud and loss reports, and Incident report to establish trends and recommendations.
  • Analyses internal audit, fraud, and loss, incident reports, establishes trends, and submits a report with recommendations to the Technology Security and Governance Manager.
  • Compiles and submits risk reports on both internal and external developments to guide the decision-making processes.
  • Reviews and tests departmental processes, systems, and procedures and makes appropriate recommendations

Documentation & controls review

  • Reviewing and ensuring documentation of all change requests and user profiles changes in FCC Core Banking System upon requests
  • Compiles and priorities changes on the Core Banking System, Banking Services, SWIFT, RTGS, etc., and advises users on the status of their change requests.
  • Analyses, Evaluates, Prepares, and delivers reports with recommendations, on the best way to apply changes to the live environments
  • Monitors changes and give recommendations on backout plans on all banking systems such as FCUBS Interfaces, Postilion, Online Banking, SMS-Email Gateway, CR2, Pex, etc.
  • Keeps records of all Configuration changes of all banking systems such as FCUBS and any other banking system
  • Tracks the Status of Change Requests
  • Weekly report on changes and implementation status of the live environments

New products & services review

  • Reviews process flows, and procedure manuals and makes appropriate recommendations
  • Monitors segregation of duties to curb frauds and errors.
  • Recommends Risk Mitigants.
  • Participates in User Acceptance Tests (UATs) prior to and post product launch.
  • Prepares a Risk sign-off for new products.

Disaster recovery & business continuity

  • Assesses Business Continuity Plans and Disaster Recovery Plans and makes appropriate recommendations
  • Checks and ensures
  • The backing up of Data and subsequent restoration.
  • The testing of DRPs.
  • Manages Technology risk through training staff

Qualifications and Work Experience

  • First Degree in Computer Science, Information Systems or equivalent.
  • 1 year’s experience in IS Security and Risk Management or related environment.
  • Technology Risk certifications, Security certifications such as CRISC, CISM, CISSP, ISO 27001 certification

Special Skills and Competencies

  • Highly analytical and attentive to detail
  • Excellent interpersonal and communication skills with an ability to be assertive when necessary
  • Able to interact confidently with senior stakeholders
  • Sound planning and organising skills with an ability to work with minimal supervision
  • Deadline driven
  • Proactive, resilient, and tenacious

Technical Prerequisite

  • Knowledge of new product governance, control, and risk management
  • Knowledge of the full MS Office suite and MS Projects
  • Ability to understand Technical Architecture of all existing and proposed solutions for digital banking
  • Define SIT, UAT, POST Implementation conditions.
  • Develops accurate and complete test plans.
  • Leads testing efforts.
  • Ensures issues are identified, tracked, reported on and resolved in a timely manner.
  • Works with channel owners to identify required changes.
  • Communicates needed changes to development team.
  • Identifies and documents system deficiencies and recommends solutions.

Interested applicants who meet the job requirements should e-mail their CVs to: [email protected] with the Heading: “Internal Risk & Control Analyst” attaching scanned copies of academic certificates and national ID.


Closing date: 30 November 2022 @ 16:30 hrs