Data Security Specialist at Exim Bank
Job Overview
Data Security Specialist at Exim Bank
Data Security Specialist
Exim Bank
Job Description
The data security specialist is responsible for supporting the technology department in Data security management of systems in banks i.e. (business and customer data). Data Security specialist will primarily assess the compliance, governance, and effectiveness of security controls, evaluate threats and vulnerabilities, and calculate the level of security impact assessment via Exim Bank cyber security baseline and communicate these risks to business units and management.
Roles & Responsibilities
Establish and maintain procedures that support the Data Security function.
Monitor, maintain, and optimize data security systems and policies.
Investigate data security incidents and events.
Regularly review system and audit logs for signs of potential threats or attacks.
Analyze outputs and alerts from Data Protection Systems to detect insider threats, misuse, or potential data compromises.
Implement and enforce data security standards, policies, and best practices.
Manage Data Loss Prevention (DLP) engineering across Email, Endpoint, Web, and File Discovery systems.
Ensure sensitive data is properly protected, managed, and monitored in accordance with policies.
Develop and introduce processes and procedures to strengthen security and minimize the risk of data breaches.
Provide guidance and security expertise to business initiatives and projects to ensure data protection and compliance are embedded from the outset.
Ensure all Exim Bank projects undergo comprehensive security assessments—such as penetration testing, vulnerability assessments, and compliance checks—prior to go-live.
Contribute to the development, review, and enhancement of data security policies and controls in alignment with business needs and evolving threat landscapes.
Oversee the implementation and monitoring of cybersecurity tools to ensure compliance, identify gaps, and highlight areas for improvement.
Ensure adherence to data protection regulations, including Tanzania’s Data Protection Bill, GDPR (technology-related provisions), and the Exim Bank Cyber Security Baseline.
Maintain and update the Personal Data Processing Register (PDPR).
Ensure secure software development practices are followed throughout the software development lifecycle in line with Exim Bank’s Secure Development Process.
Enforce ISO 27001 standards and promote a “secure by design” culture across the organization.
Coordinate and conduct regular awareness and training sessions on IT security and regulatory compliance.
Perform additional IT administrative tasks as assigned by the Line Manager.
QUALIFICATION AND SKILLS
Bachelor’s degree, preferably in the fields of IT, IS, Computer Science/Engineering or related field is desirable.
Minimum 4 years’ working experience in data security operations.
Knowledge of Cyber and Risk Management Frameworks and International Security standards.
Excellent problem-solving and organizational skills
Demonstrable relationship/stakeholder management and negotiation skills
Knowledge of legal, regulatory and privacy requirements (GDPR, PCI DSS).
An industry Security certification. CDPSE is strongly preferred
Strong Understanding of key Cyber Security Technologies & Tools and General Information Technologies.
Preferred Security professional certification CDPSE, ISO27001, CISSP, CISM, CEH; Other IT professional certifications such as ITIL, CISA, PMP will be an added advantage.
Good understanding of IT controls and service
How to Apply:
