Vacancies at National Bank of Kenya

Job Reference No. NBK/Risk/01/2025

Position Scope:

The role holder will be responsible for supporting the risk identification and management process across all aspects of Information Technology for the Bank, updating the executive management on the results of the risk assessment and making recommendations for mitigations to protect the Bank systems or cover potential financial losses.

Key Responsibilities:

• Develop and implement an ICT Risk Management Framework;
• Conduct system vulnerability tests in line with Bank policies and global standards and report to management on vulnerability and protection against cyber-attacks;
• Identify and assess ICT risks, design mitigation controls and monitor the risks till closure;
• Clearly document and define risks and their potential impact alongside the statistical probability of such an event, and identify systems affected by the defined risk;
• Develop ICT risk management guidelines to be used by all Divisions of the Bank;
• Conduct system penetration testing during various stages of the system development lifecycle to ensure integrity, availability and assurance of the systems and technical processes;
• Perform a review on compliance with ICT security policies across the technology ecosystem;
• Evaluate IT security policy, processes and procedures for completeness and applicability;
• Evaluate IT service management policies, processes and procedures for completeness and applicability;
• Work closely with Business functions to identify risks in products that use digital platforms;
• Conduct fraud assessments on technology platforms in line with the Fraud Risk Management Policy;
• Keep abreast with current advances in all areas of ICT security;
• Continuously evaluate communication security, data vulnerability, business continuity; and examine employee compliance with security controls and deficiencies.

Skills & Experience:

• A Bachelor’s Degree in Computer Science, IT or related field from a recognised University.
• Masters’ degree would be added advantage
• Certified in Risk and Information Systems Control (CRISC) or equivalent preferred.
• 3-5 years of related experience with an emphasis on ICT Risk
• CISA professional certification.
• Membership of IIA/ISACA is preferred.
• Ability to conduct data mining, data analysis and reporting.
• An intermediate understanding of networking concepts.
• Intermediate understanding of security appliances including but not limited to Intrusion
• Detection System (IDS), Intrusion Prevention System (IPS), Firewall, and Security
• Information and Event Management (SIEM) systems
• Analytical, objective and ability to describe complex technical concepts and ideas in non-technical terms
• Understanding of ICT risk management, processes and associated control requirements.
• Innovation; able to keep up with trends of meeting the demands of internal and external customers and controls thereof.
• Collaboration; forms business partnerships that help drive the Bank’s Assurance agenda.
• Good knowledge of Banking laws and regulations
• Analytical thinking capability.
• Report writing and communication skills.
• Stakeholder Management
   

go to method of application »

Job Reference No. NBK/AUD/01/2025

Position Scope:

The overall responsibility of the job holder will be to plan and carry out specific audit assignments, under the direction of Head Central Functions & Shared Services, in an efficient and effective manner. He/She will be required to ascertain the extent of compliance with documented policies, procedures and regulations and provide assurance to senior management that laid down processes and controls are functioning effectively as designed. He/She will be required to facilitate good practice in giving assurance on risk management, controls and governance processes.

Key Responsibilities:

• Plan and complete specific audit assignments in consultation with support of Head
• Central Functions & Shared Services according to approved audit plan within the defined timelines.
• Participate and contribute in the risk assessment process for Central Functions &
• Shared Services audit areas and document quality recommendations and control issues identified.
• Participate in the development of risk based annual audit plans detailing the scope, nature and timing of audit activities.
• Review the systems established to assess compliance with policies, plans, procedures, laws, and regulations which could have a significant impact on operations and report whether the organization is in compliance.
• Monitor and evaluate effectiveness of the risk management systems in place within Central Functions & Shared Services.
• Develop in consultation with the Head Central Functions & Shared Services appropriate audit tests and programs aimed at achieving the desired audit objectives.
• Report on audit findings on key control deficiencies, non-compliance with procedures and management policies and regulatory requirements among others, on audit areas reviewed.
• Carry out the identified continuous monitoring reviews and report on the results within agreed intervals.
• Follow up of audit issue action plans as per stakeholder engagement agreements and track to completion within agreed timelines.
• Follow up recommendations and issue action plans logged from previous audits to ensure their timely closure.
• Support colleagues by sharing expertise with members supporting Central Functions & Shared Services assurance.
• Maintain pro-active approach to risk assessment through market intelligence, continuous engagements with stakeholders to understand business dynamics through data analytics.
• Delays in execution of audit work should be escalated in a timely manner to Management.
• Perform other related duties that may be assigned from time to time by Management

Skills & Experience:

• A Bachelor’s degree in business / related field from a recognized university
• ACCA/CPA finalist
• Membership of ICPAK /ACCA in good standing is preferred
• Membership of IIA/ISACA in good standing is preferred
• Five years’ experience in internal audit or related environment
• Innovation; able to keep up with trends of meeting the demands of internal and  external customers and controls thereof
• Collaboration; forms business partnerships that help drive the Bank’s Assurance Agenda
• Multi-tasking; able to manage several concurrent audit assignments and prioritise demands
• Flexibility and adaptability; ability to keep pace with latest trends in addition to new audit requirements
• Excellent communication skills; articulate in communicating to both internal and external stakeholders both at all levels
• Analytical; capable of managing numerous information sources and providing data analysis reports to senior management
• Business Acumen/ commercial awareness; ability to assess business strategies, alignment and implementation plans
• Good knowledge of Banking laws and regulations
• Analytical thinking capability.
• Report writing and communication skills.
• Stakeholder Management.

go to method of application »

Job Reference No. NBK/AUD/02/2025

Position Scope:

The role holder will be expected to provide objective and independent assurance to senior management and the Board Audit Committee that the information systems in place and new related projects and controls are appropriate, well developed, reliable and secure. He/She will have the responsibility of evaluating the adequacy of processing controls as they relate to each audit, and the effectiveness of general computer controls in the ICT environment. In addition, He/ She will be supporting the Director of Internal Audit and Senior Management through Head of ICT audits in examining, evaluating, and verifying operating systems, procedures, internal controls, and recorded data for the information technology departments of the Bank.

Key Responsibilities:

• Provide expertise in the audit of ICT services operations across the Bank in line with approved internal audit methodology, processes, procedures and timelines.
• Participate in the development of risk based IS annual audit plans detailing the scope, nature and timing of audit activities.
• Plan and perform technical information systems audits on all mapped critical areas and processes and highlight improvement points. Critical areas to be continuously mapped and reviewed include among others; IT governance, IT systems and banking applications, Network and communication infrastructure, IT general controls,
• Operating systems and databases, Business Continuity and disaster recovery, Major systems acquisition and implementation projects, Data Centre operations among others
• Participate from an audit perspective in reviewing acquisition of new major IS assets by advising project teams on information systems control and security issues and ensure all set criteria are met.
• Interface and perform necessary special integrated audit projects with the
• Business/Branch Networks and Central/Shared functions.
• Stakeholder management and offer expertise on quality recommendations for ICT service and operational controls.
• Review the means of safeguarding assets and, as appropriate, verify the existence of such assets.
• Discuss audit findings and recommendations with audit clients and prepare management and board papers for reporting significant control issues to the senior management and the Board Audit Committee.
• Coach, mentor and offer expertise to other staff within the division, including offering support on IS related areas.
• Track and follow up on relevant IT audit issues emanating from Internal Audit Reports, and other external independent reviews to ensure timely closure.
• Support in raising awareness to staff on ICT service and operational controls.
• Assist in conducting ad-hoc investigations and reviews, as a liaison subject matter expert, as may be requested by senior management and/or the Board Audit Committee.
• Other duties as may be assigned by the Internal Audit Management from time to time

Skills & Experience:

• A Bachelor’s Degree in Computer Science, IT or Engineering from a recognised University.
• CISA professional certification.
• ACCA/CPA / related professional certification are preferred.
• Membership of IIA/ISACA in good standing is preferred.
• CISM – an added advantage.
• Five (5) years’ experience in an internal audit/ ICT related environment in the financial sector or audit firms with practical and hands on experience.
• Understanding of ICT risk management, processes and associated control requirements.
• Innovation; able to keep up with trends of meeting the demands of internal and external customers and controls thereof.
• Collaboration; forms business partnerships that help drive the Bank’s Assurance agenda.
• Multi-tasking; able to manage several concurrent audit assignments and prioritise demands.
• Flexibility and adaptability; ability to keep pace with latest trends in addition to new audit requirements.
• Excellent communication skills; strong and confident, articulate in communicating to both internal and external stakeholders.
• Analytical; capable of managing numerous information sources and providing data analysis reports to senior management.
• Professional Independence; exercise objectivity, competence, discretion and courage to raise and escalate matters where applicable.
• Business Acumen/ commercial awareness; ability to assess business strategies, alignment and implementation plans
• Good knowledge of Banking laws and regulations
• Analytical thinking capability.
• Report writing and communication skills.
• Stakeholder Management.

go to method of application »

Position Scope:

• This position is responsible for acquisition and growth of sustainable Bank Business.

Key Responsibilities:

• Selling Retail Bank products and services in order to ensure sustainable business growth
• Actively take part in sales activities organized by the Bank in order to acquire business
• Offer excellent customer experience while interacting with customers on different channels
• Gather feedback from customers on Bank products and their experience to seek improvement
• Daily sharing of business acquisition reports
• Continuously seek to deepen knowledge on the Bank’s offering and the industry trends.

Education/Professional Qualifications, Skills & Experience:

• Must have a minimum Mean Grade of C plain.
• Degree in any field from a recognized institution.
• Computer literacy – MS Office Suite
• 1 year working experience in Sales in a financial Institution will be an added advantage.
• Excellent communication skills both oral and written
• A confident person who is self-driven with strong interpersonal and negotiation skills.
• A person of integrity and with good negotiation skills.
• Ability to be an agent of change and Innovate with a strong desire to excel.
• Ability to deliver set business targets and service with minimum supervision.
• Flexible and willing to travel on short notice.

Send your CV and application letter showing how you meet the role requirement stated above to: [email protected] and fill the mandatory bio data form link attached