Manager (IT Governance and Cyber Security

Microcredit Regulatory Authority (MRA) certificate number- 00488-00186-00065

BRAC is an international development organisation founded in Bangladesh that partners with over 100 million people living with inequality and poverty globally to create sustainable opportunities to realise potential.

BRAC Microfinance provides people who cannot access traditional financial banking services with access to a suite of financial services, including loans, savings and microinsurance. We provide an alternative to high-interest loans from informal lenders, supporting families to invest in income-generating activities, build assets, and reduce vulnerability to health shocks and natural disasters. Passionate about finance beyond formal banking systems? Join the BRAC Microfinance team to help build a more financially-inclusive society, where everyone can access finance when they need it - safely, responsibly and sustainably.

Working at brac is not like any other job. It is a platform where you can bring about real change for people who need it the most. We are not just dreaming of a better world, we are building it. Join us to find the way.

JOB PURPOSE

The purpose of this role will be to streamline & stabilize new and existing IT Governance & Cybersecurity functions.

Manage in designing, publishing &; enforcing IT policy, standards, and procedures / guidelines in accordance with internal policies, and applicable regulations to support Microfinance’s vision of secured and reliable digital adaptation.

Collaborate with business and technical stakeholders in the implementation of Internet Security governance controls, and to continually improve the information security posture of the organization through effective policy making to follow which will secure all the data asset of 8.2 million clients in Microfinance programme.

KEY RESPONSIBILITIES

To design and roll out new/existing information/cybersecurity frameworks and guidelines as per requirements.

To develop and articulate cybersecurity architectures, security policies and any supporting documents for complex systems and networks.

To deliver security programmes, strategies, and frameworks with associated KPIs.

To create and review technical architectures and conduct systems and network security strategic planning.

To involve and conduct cybersecurity technical and vulnerability assessments for complex systems.

To manage and coordinate the information security steering committee, covering presenting policies, and gathering/ incorporating stakeholders’ feedback on policies.

To ensure review of information security policy framework is carried out periodically.

To establish project governance, providing key reporting/input into Project and Business Reviews in line with agreed methods and principles.

To prepare and maintain project schedules, including dependencies, resource plan and risks.

To on-board, lead and manage a multi-functional core team, ensuring project objectives are fully understood and achieved.

To manage and participate in relevant cross functional projects & activities.

SAFEGUARDING RESPONSIBILITIES

Ensure the safety of team members from any harm, abuse, neglect, harassment and exploitation to achieve the program’s goals of safeguarding implementation. Act as a key source of support, guidance, and expertise on safeguarding for establishing a safe working environment.

Practice, promote and endorse the issues of safeguarding policy among team members and ensure the implementation of safeguarding standards in every course of action.

Follow the safeguarding reporting procedure in case any reportable incident takes place and encourage others to do so.