Reporting Line
\nHEAD OF CYBERSECURITY<\/p>\n
Location
\nTanzania Head Office<\/p>\n
Department
\nCYBERSECURITY UNIT<\/p>\n
Number of openings
\n1<\/p>\n
Job Purpose<\/p>\n
The Manager: Identity and Access Management (IAM) will lead the development, implementation, and continuous improvement of enterprise identity and access controls. This role is responsible for ensuring secure, compliant, and seamless access to the bank\u2019s systems and digital services by driving the design, governance, and operation of IAM capabilities.
\n\u00a0
\nThe position oversees Access Management, Privileged Access Management (PAM), and User Access Management (UAM) functions, ensuring consistent enforcement of identity policies, automation of access processes, and reduction of access-related risks. The role will provide subject matter expertise in identity security, guide the implementation of modern IAM technologies, and ensure that identity controls are fully integrated into business processes, system onboarding, and cybersecurity initiatives.<\/p>\n
Principle Responsibilities<\/p>\n
Define and own the IAM strategy and roadmap, aligning capabilities (Access Management, UAM, PAM) with cybersecurity priorities, business objectives, and regulatory obligations.
\nEstablish and enforce IAM policies and standards, ensuring alignment with internal bank policies, regulatory requirements, and industry best practices (e.g., least privilege, just-in-time access, Credential rotation, separation of duties, zero trust).
\nGovern the enterprise RBAC model: oversee design, approval, maintenance, role engineering, and comprehensive documentation.
\nSet IAM performance metrics and SLAs (e.g., JML timeliness, access request turnaround, access review completion, PAM coverage) and report on them to senior cybersecurity leadership.
\nOwn end-to-end Joiner\u2013Mover\u2013Leaver (JML) execution across all in-scope applications, platforms, and directories\u2014ensuring timely, accurate provisioning, changes, and de-provisioning with strong automation.
\nSupport automation of access processes (provisioning, de-provisioning, approvals, re-certifications) this is to reduce manual touchpoints, errors, and cycle time.
\nLead periodic user access reviews\/attestations with business owners, ensure Segregation of Duties control enforcement, track remediation, and maintain audit-ready evidence.
\nMaintain comprehensive IAM\/UAM documentation\u2014procedures, playbooks, runbooks, and user guides\u2014and ensure they are current and version-controlled.
\nOwn and administer the enterprise PAM platform, including vaulting strategy, policy configuration, integrations, and platform health\/availability.
\nEnsure complete and continuous onboarding of privileged accounts (human and non-human) into PAM with appropriate classifications and controls.
\nEnforce privileged access controls, including session recording, just-in-time (JIT) access, credential rotation, and break-glass procedures; support continuously monitoring and auditing privileged sessions for violations and misconfigurations.
\nEnable and upskill administrators and operators on secure privileged access usage via PAM, including approved workflows, session launchers, and integrations.
\nRisk, Incident, and Compliance 14. Lead incident management for access-related events, including violations, misconfigurations, and unauthorized access; drive root-cause analysis, corrective actions, and preventive controls.
\nContinuously assess access risks across systems and drive risk reduction initiatives coverage expansion, control hardening, and exception management.
\nEnsure secure integration of IAM with enterprise systems (apps, directories, cloud platforms, federation\/SSO, MFA), working closely with engineering, infrastructure, and application teams.
\nEvaluate and implement IAM enhancements (e.g., improved workflows, connectors, MFA\/SSO patterns, passwordless\/JIT), manage changes through defined CAB and change management processes.
\nOwn vendor relationships and licensing for IAM\/PAM tools, manage upgrades\/patching, and ensure platform scalability, reliability, and performance.<\/p>\n
Qualifications Required<\/p>\n
Bachelor\u2019s degree in computer science\/engineering, Cyber Security, Software engineering, or related academic field.
\nIndustry certifications such as CISA, CISSP, or ISO 27001 LA\/LI are\u00a0a plus.
\nMinimum of 5 years of experience in Cyber Security, User access review and management, Privilege access Management, OR.<\/p>\n
Solid understanding of IAM and PAM tools like CyberArk, beyond Trust and any other access management and access review tools
\nFamiliarity with security frameworks and standards (e.g., NIST, ISO 27001, PCI DSS).
\nExperience in User access right review processes and Procedures, User Matrix Setup, and management.
\nBasic knowledge of Incident management and Troubleshooting.
\nUnderstanding of ICT infrastructure, networks, and application administration.
\nAnalytical and problem-solving skills, especially in identifying and mitigating security risks.
\nAbility to work collaboratively within cross-functional teams.
\nBasic project management and documentation skills.
\nStrong foundation of the required skills and knowledge through projects, programs, and related experience.<\/p>\n
CRDB Commitment<\/p>\n
CRDB Bank is dedicated to upholding Sustainability and ESG practices and encourage applicants who share this commitment. The Bank also promotes an inclusive workplace, hence applications from women and individual with disabilities are encouraged.
\nIt is important to note that CRDB Bank does not charge any fees for the application or recruitment process, and any requests for payment should be disregarded as they do not represent the bank\u2019s practices.
\nOnly Shortlisted Candidates will be Contacted.<\/p>\n
Deadline
\n2026-02-12<\/p>\n
Employment Terms
\nPERMANENT<\/p>\n
Sharing is Caring! Click on the Icons Below and Share<\/p>\n","protected":false},"author":2,"featured_media":0,"template":"","meta":{"_promoted":"","_job_location":"","_application":"https:\/\/careers.crdbbank.co.tz\/jobs","_company_name":"CRDB Bank","_company_website":"","_company_tagline":"","_company_twitter":"","_company_video":"","_filled":0,"_featured":0,"_remote_position":0,"_job_salary":"","_job_salary_currency":"","_job_salary_unit":""},"job_listing_region":[11],"job-categories":[],"job-types":[12],"class_list":{"0":"post-3139","1":"job_listing","2":"type-job_listing","3":"status-expired","4":"hentry","5":"job_listing_region-tanzania","7":"job-type-full-time"},"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-listings\/3139","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-listings"}],"about":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/types\/job_listing"}],"author":[{"embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/users\/2"}],"wp:attachment":[{"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/media?parent=3139"}],"wp:term":[{"taxonomy":"job_listing_region","embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job_listing_region?post=3139"},{"taxonomy":"job_listing_category","embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-categories?post=3139"},{"taxonomy":"job_listing_type","embeddable":true,"href":"https:\/\/jobs.dataaxisnode.com\/tanzania\/wp-json\/wp\/v2\/job-types?post=3139"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}