ICT STANDARDS AND CONTROL MANAGER

Location: Lusaka

Position Type: Full-time

About Us:

ProBASE is a leading FinTech and ICT Company with a strong track record in the provision of Innovative & Game changing business solutions to the key Sectors (Public & Private) of the Economy including but not limited to Financial Sector, Agriculture, Telecoms, Education among others.

Job Overview:

The ICT Standards and Control Manager will be responsible for ensuring that the ProBASE ICT processes, controls, and compliance frameworks are aligned with industry standards and best practices, particularly focusing on COBIT, CISA, CISM, and ITIL. This role will involve the development, implementation, and monitoring of ICT standards and controls to mitigate risks and enhance operational efficiency, with a specific focus on overseeing security throughout the software development lifecycle.

Key Responsibilities:

1. Framework Implementation:

a) Develop and implement ICT governance frameworks in alignment with COBIT, CISA, and CISM principles.
b) Ensure compliance with relevant standards and regulations, including ITIL guidelines for IT service management.

2. Risk Management:

a) Identify, assess, and mitigate ICT risks through effective control measures, especially in the software development process.
b) Conduct regular risk assessments and audits to evaluate the effectiveness of existing controls.

3. Policy Development:

a) Create and maintain ICT policies, procedures, and standards to ensure compliance and operational efficiency, with a focus on secure software development practices.
b) Collaborate with stakeholders to ensure policies are effectively communicated and adhered to.

4. Monitoring and Reporting:

a) Establish key performance indicators (KPIs) for ICT controls, compliance, and software security.
b) Prepare and present reports on compliance status, risk assessments, and control effectiveness to senior management.

5. Training and Awareness:

a) Develop training programs to enhance staff awareness of ICT standards, compliance requirements, and secure coding practices.
b) Conduct workshops and seminars to promote a culture of compliance and security within the organization.

6. Continuous Improvement:

a) Stay updated on industry trends, emerging threats, and best practices in ICT governance, compliance, and software security.
b) Propose enhancements to existing processes and controls based on industry developments.

Role Requirements: 

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• Relevant certifications such as COBIT, CISA, CISM, CISSP, or equivalent.
• Strong understanding of ICT standards, frameworks, compliance requirements, and secure software development practices
• Proficient in risk management tools and methodologies, with a focus on software security.
• Familiarity with security technologies and practices, including secure coding techniques
• Excellent analytical and problem-solving skills, especially in the context of software security.
• Ability to interpret complex regulations and translate them into actionable policies for secure software development.
• Strong verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders.
• Ability to present complex information clearly to diverse audiences, including software development teams.
• Strong leadership and team collaboration abilities, with experience working with software development teams.
• Ability to build relationships with stakeholders at all levels, including IT, security, and business teams.
• Detail-oriented with a strong commitment to quality, compliance, and security.
• Proactive and self-motivated, with a strong sense of accountability.
• Adaptable and able to thrive in a fast-paced, changing environment, especially in the context of software development.

Work Experience

• Minimum of 5 years of experience in ICT governance, risk management, compliance, and software security.
• Proven experience in implementing COBIT, CISA, CISM, and ITIL frameworks in a corporate environment.
• Hands-on experience with security protocols, risk assessment methodologies, and secure software development practices.