IMYANYA 3 Y`AKAZI MURI DEVELOPMENT BANK OF RWANDA (BRD):Deadline: May 27, 2026

The role is responsible for operating, tuning, and optimizing SIEM and security monitoring tools to enhance threat visibility and reduce false positives. Oversees third-party application security monitoring, and works closely with vendors to remediate security issues and strengthen the Bank’s overall security posture.

• Coordinating and operating Security Operation Center (SOC) infrastruture and tools optimization
• Assessing and managing security risks associated with third-party and internally developed applications by conducting application security reviews, vendor risk assessments, and control validations
• Perform and oversee the threat analysis, alert triage, and root cause investigation
• Oversee and ensure preparedness protection of bank’s infrastructure against cyber threats, breaches, crimes and ensure emergency response preparedness
• Review and enforce the implementation of operational procedure for the SOC facilities
• Drive the application security reviews for new applications to be developed and services.
• Providing DevOps security solution integration with various security test tools
• Conduct effective vulnerability management through VAPTs for all bank’s applications whether newly acquired and existing to ensure vulnerabilities are timely detected and managed.
• Perform source-code reviews and threat modelling the SDLC of the applications
• Participate in the architecture of mobile and web applications including interface and database design, process and API flows.
• Simulating an attack on the system and IT infrastructure to find exploitable weaknesses
• Perform detailed analysis of incidents and implement recommended mitigation

• Advanced knowledge in using VAPT tools like Kali Linux tools and other Web Vulnerability and security scanning tools
• Experience working with Web Applications, Web Services, and Service Oriented Architectures
• Familiarity with the OWASP framework and application security best practices
• Strong understanding of SDLC principles.
• Strong analytical, documentation, and interpersonal skills
• Knowledge of encryption technologies (web, database, and file).
• Knowledge of identity and access management and its application in an enterprise
• Understanding of information security risks in financial services.

• Information Security team
• Required to liaise and work closely with the other departments as may be necessary such as Risk, Audit and Compliance
• External Assessor/Tester
• Regulatory body

• Bachelor’s degree in computer science, computer engineering, information systems or any other relevant degree.
• Relevant master’s degree from a recognized institution is an added value
• At least 4 years of experience in information security
• Good understanding banking information security infrastructure
• Information security certifications is an added advantage like ISO Lead Implementer, Lead Auditor, CEH or any other related professional recognized certifications
• Strong knowledge of secure design practices
• Extensive experience leading application security across the full SDLC within Agile and CI/CD environments, embedding security controls from design through deployment and operations in cloud-based platforms.
• Experience in implementing and operating Security Operation Center (SOC) tools including use-case development, tuning, and log source onboarding
• Experience in integration and data sharing with other Security Operation Center (SOC) is added value
• Experience working with Web Applications, Mobile Applications and Service Oriented Architectures
• Experience with multiple programming languages (such as, Java, C++, Ruby, Python, Perl, etc.)

• Familiarity with and hands-on experience with SOC tools
• Understanding of information security principles, standards, and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework).
• Knowledge of network protocols, system vulnerabilities, and attack vectors.
• Proficiency in risk assessment and management methodologies.
• Knowledge of applicable laws, regulations, and compliance requirements.
• Excellent communication and interpersonal skills to effectively collaborate with stakeholders across the bank.
• Security threat analysis, alert triage, incident detection, root cause investigation, and response,

• Job Title: Regulatory Compliance Specialist

• Job Grade:  JG G- Specialist

• Department: CEO’s Office-Compliance Unit

• Reports to: Manager, Compliance

• Direct Reports: N/A

• Indirect Reports: N/A

• Oversee timely and accurate regulatory reporting to authorities.
• Monitor and implement regulatory and legislative changes.
• Maintain regulatory obligations register.
• Track implementation of regulatory inspection findings.
• Conduct third-party and partner due diligence.
• Analyze regulatory risk trends and to the Manager compliance.
• Support regulatory inspections & examination.
• Advise on regulatory requirements.
• Coordinate compliance implementation across departments
• Lead periodic reviews of Bank policies and procedures to ensure full alignment with evolving regulatory requirements, and recommend updates to maintain compliance and best practice standards

• Accuracy & Timeliness of regulatory submissions
• Ensure regulatory findings are closed within agreed timelines
• Ensure no regulatory breaches
• Timely Implementation of regulatory changes
• Completeness of regulatory obligations register
• Third-party & partner due diligence completion
• Ensure policies & procedures alignment
• Timeliness of Compliance reporting

External: Regulators & Partners

• Bachelor’s degree Law, Finance, accounting, Business Administration, Statistics, or related field.
• Professional certification in Compliance, Risk, or Banking (advantageous)
• Minimum 3 years’ relevant experience in banking, or regulatory compliance environment

• Strong understanding of banking regulations and supervisory frameworks
• Ability to interpret and operationalize regulatory requirements
• Regulatory risk assessment and monitoring
• Compliance risk identification and mitigation
• Governance, risk, and control (GRC) frameworks
• Policy drafting, review, and implementation
• Regulatory inspection preparedness and coordination
• Audit findings tracking and closure management
• Strong data analysis and regulatory reporting capability
• Ability to identify compliance trends and escalate risks

Behavioral & Professional Skills

• High integrity and ethical standards
• Attention to detail and accuracy
• Strong communication and stakeholder engagement
• Ability to work under pressure and meet strict deadlines
• Analytical thinking and problem-solving ability
• Proactive and proactive risk mindset

• Job Grade:  JG G- Specialist

• Department: CEO’s Office-Compliance Unit

• Reports to: Manager, Compliance

• Direct Reports: N/A

• Indirect Reports: N/A

• Lead the Bank’s operational and conduct compliance monitoring framework, ensuring effective controls, fair customer outcomes, and adherence to regulatory expectations.
• Perform operational and Conduct compliance reviews and periodic health checks across all business and support functions.
• Monitor adherence to the Client Service Charter, turnaround times, and complaints handling standards.
• Conduct post-integration reviews of guarantees following BDF integration to ensure operational and regulatory compliance.
• Support staff training and awareness programs on internal policies and operational and conduct compliance.
• Identify, assess, and escalate conduct risk issues, including customer complaints, service failures, and potential misconduct.
• Develop and maintain compliance dashboards, key risk indicators (KRIs), and reporting tools for operational and conduct risk monitoring.
• Suspicious transaction monitoring and reporting
• Develop and maintain compliance dashboards and key risk indicators for operational processes.

• Coverage of operational & Conduct Compliance Reviews
• Level of compliance with Client Service Charter turnaround times
• Issue Tracking & Remediation
• Number of critical operational compliance breaches
• Timeliness of submission of compliance reports.

External: Regulators & Partners

• Bachelor’s degree in law, Finance, accounting, Business Administration, Statistics, data science or related field.
• Professional certification in Compliance, Risk, or Banking (advantageous)
• Minimum 3 years’ relevant experience in banking, or regulatory compliance environment

• Strong understanding of banking regulatory environment and supervisory expectations, with ability to apply relevant requirements to operational and conduct compliance activities.
• Ability to interpret regulatory requirements and translate them into practical operational and conduct compliance controls and monitoring processes.
• Competence in identifying, assessing, and monitoring operational, conduct, and compliance risks, including customer treatment and service delivery risks.
• Strong capability in compliance risk identification, evaluation, and mitigation within business processes and operational activities.
• Working knowledge of Governance, Risk, and Control (GRC) principles and their application in strengthening operational and conduct compliance frameworks.
• Ability to support policy implementation through operational compliance testing and adherence monitoring.
• Ability to track, monitor, and follow up on audit and compliance findings to ensure timely closure and effective remediation.
• Strong analytical skills with ability to interpret compliance data, develop dashboards, and produce meaningful management information and Key Risk Indicators (KRIs).
• Ability to identify compliance trends, emerging conduct risks, and operational control weaknesses, and escalate appropriately to management.

Behavioral & Professional Skills

• High integrity and ethical standards
• Attention to detail and accuracy
• Strong communication and stakeholder engagement
• Ability to work under pressure and meet strict deadlines
• Analytical thinking and problem-solving ability
• Anticipates potential operational and conduct risks early and escalates concerns promptly to prevent escalation or customer harm.