Type of Vacancy: Community Vacancies
Details of the Post
The Caribbean Development Bank (CDB or the Bank) is seeking to recruit a national from its member countries to fill the position of Information Technology Officer (Internal Controls) [IT Officer] in the Information Technology Solutions Division (ITSD). The successful candidate will be based at CDB’s headquarters in St. Michael, Barbados.
ITSD provides secure and cost-effective platforms, applications and agile services to all business areas and acts as a strategic impetus to drive and promote innovation. ITSD delivers the Bank’s IT Strategy, implementing digital transformation and supporting CDB to achieve its mission.
ITSD, led by the Chief Information Officer, is organised into Governance Studios (Internal Controls, Records Management) – which report to IT Governance Manager, and Agile Studios (Operations, Corporate, Collaborations, Data, DevOps, Cloud and Service Desk) – which report to the Agile Portfolio Manager.
The Studios interact collaboratively to support and improve the pillars of the Strategy, which will help CDB to remain efficient, responsive, collaborative, driven and innovative.
Reporting to the IT Governance Manager (ITGM), the IT Officer supports the IT Internal Control Studio, which is focused on information security, compliance, and risk management. The IT Officer coordinates information security controls, cybersecurity and IT risk management programmes based on industry-accepted information security and risk management frameworks.
IT Officer supports the ITGM, ensuring that CDB processes personal data in compliance with the Policy, Guidelines, and applicable data privacy best practices. IT Officer s oversee the adoption of best practices and standards for Records Management practices.
The IT Officer will be required to:
- Support the development and implementation of CDB`s Data Protection framework under the direction of the ITGM, preparing reports, answering queries, and all other tasks as defined in the IT Officer`s Terms of Reference.
- Coordinate the continuous development, implementation and updating of security and privacy policies, standards, guidelines, baselines, processes, and procedures in compliance with Bank standards
- Develop and implement frameworks, processes, tools, and lead consultancy vital for IT to manage risk effectively and to make risk-based decisions related to IT activities.
- Proactively identify and mitigate IT risk as well as responding to observations identified by third-party auditors or examiners while assisting in the development of periodic reports and dashboards communicating the level of controls compliance and current IT risk posture.
- Assist with the audits and facilitate management response and remediation efforts. Ensure overall IT compliance with regulatory requirements through proactive planning and communication, ownership, and relationships.
- Broaden and deepen knowledge of the business and environment of IT with respect to the delivery of projects, critical initiatives, and systems portfolio to effectively assist with risk and compliance management.
- Identify residual risk and assist with action plans, policy, and procedural changes for risk mitigation.
- Provide strategic recommendations to key IT projects to help improve project results, quality of work, risk optimization, security processes and compliance with regulations.
- Conduct investigations into security incidents; prepare written findings, recommendations, and follow-up evaluation; and analyse patterns and trends.
- Coordinate with the Cloud Studio information security incident response and reporting for events or exploited vulnerabilities, including unauthorised system or network access, denial of service, inappropriate data access, data corruption, and/or collection of private or confidential information.
- Facilitate information systems security management education and training in data protection, regulatory and industry standards for all employees.
- Obtaining and demonstrating ‘expert’ knowledge of data protection regulations and best practices.
- Promote data protection culture within CDB and respond to queries and requests concerning data privacy.
- Update privacy-related process documentation.
The Ideal candidate for this role must have:
- A Bachelor’s degree in Information Technology, Computer Science, or a related field.
- Three years’ experience in implementing risk and control frameworks such as ISO, NIST and ITIL, and the development of awareness programmes in IT security.
- At least one year’s experience configuring Records Management Systems (E.g., SharePoint).
- Sound understanding of Data Protection principles.
- Experience with the development of awareness programmes in IT security.
- Strong agile project management skills in performing security assessment, audit reviews for business teams or external partners.
The following would be considered assets:
- A Master’s degree in a relevant field.
- Scrum Master Certification.
- Knowledge in Microsoft SharePoint Online
- Knowledge or expertise in other IT segments (e.g., DevOps, IoT).
- Experience in IT security in an international organisation.
- Experience with Microsoft Information Protection, Compliance Center, Azure Policies, Cloud Security App, Advance Threat Protection (ATP) or similar cloud solutions.
The IT Officer must demonstrate strong ability to:
- Be able to work across multiple groups within a complex organisational structure.
- Demonstrate a firm grasp of information security, compliance and risk policy design, deployment, and monitoring.
- Build out digital capabilities to transform organisations and have a strong record of accomplishment in agile project management.
TERMS OF APPOINTMENT
This role is a full-time position with the successful candidate being contracted on a two-year basis in the first instance, with the possibility of renewal. The salary is competitive and commensurate with qualifications and experience. The benefits package includes a pension plan, life and medical insurances.
Before you proceed to apply, please consider the following requirements:
- You must be a national of one of CDB’s member countries.
- You will be required to produce evidence of any educational and professional qualifications to support your application if you are selected for an interview.
- All appointments are subject to satisfactory background checks and references.
CDB fully respects the need for confidentiality of information supplied and assures you that we will not discuss your background and interest with anyone including references, without your prior consent.
The deadline for submission of applications July 25, 2022 at 11:59 pm AST.
The organisation requires a COVID-19 vaccination for in-person business at the Bank’s headquarters. Therefore, everyone working in HQ is required to present proof of vaccination status upon hire unless they qualify for a medical or religious exemption, subject to the Bank’s approval.
The Caribbean Development Bank is an equal opportunity employer and values diversity. We encourage all qualified candidates to apply regardless of their racial, ethnic, religious, cultural background, gender, sexual orientation, or disabilities. Women are strongly encouraged to apply.
The Bank provides reasonable accommodation to individuals with disabilities who participate in the job application or interview process. Please contact us to request such accommodation.
Notice expires at 11:59pm on Monday July 25th, 2022