Zimra

SENIOR ICT RISK MANAGER, CORPORATE COMPLIANCE & RISK – LEVEL 6 (1 POST)

ICT & Computer Jobs
Salary
TBA

Job Description

Applications are invited from suitably qualified persons to fill the following posts
within the Zimbabwe Revenue Authority (ZIMRA) – an equal opportunity employer.
1. SENIOR ICT RISK MANAGER, CORPORATE COMPLIANCE & RISK – LEVEL 6 (1 POST)

Duties and Responsibilities

1.1 Key Responsibilities
▪ Provides strategic advisory services to Business and ICT on emerging technologies,
digital innovation and evolving cyber threats affecting the Authority.
▪ Interprets and translates international ICT risk, security and data protection
standards into Authority-wide governance requirements.
▪ Evaluates Authority-wide ICT investments to assess risk exposure, value realization,
and alignment with strategic objectives.
▪ Assesses ICT project risks from initiation through implementation and post-go-live
stages.
▪ Reviews and validates Business Continuity Plans, BIAs, and ICT Disaster Recovery
Plans.
▪ Provides governance oversight during disaster recovery simulations and incident
response testing.
▪ Monitors system changes and verifies replication between primary and DR
environments.
▪ Provides strategic oversight of the ICT Risk Register.
▪ Prioritises ICT risks based on enterprise impact and risk appetite.
▪ Assesses Authority systems for security vulnerabilities and control weaknesses.
▪ Reviews access management, authentication, and logging controls.
▪ Evaluates communication security and data leakage risks.
▪ Assesses data protection maturity of vendors.
▪ Reviews data processing agreements.
▪ Provides enterprise-wide oversight of compliance with data protection legislation.
▪ Monitors adherence to Cyber & Data Protection Act and SI 155 of 2024.
▪ Embeds data protection requirements into ICT and business processes.
▪ Advises senior management on privacy risks and mitigation strategies.
▪ Identifies high-risk data processing activities.
▪ Facilitates privacy risk analysis with stakeholders.
▪ Recommends safeguards and mitigation measures.
▪ Tracks implementation of DPIA actions.

Qualifications and Experience

1.2 Job Skills and Competencies
▪ Ability to work under pressure.
▪ Ability to communicate at all levels.
▪ Ability to work both independently and as part of a team.
▪ Unquestionable integrity.
▪ Computer literacy.

1.3 Qualifications and Experience
▪ Bachelor’s Degree in Information Technology, Information Systems, Computer
Science, Information Security, Risk Management, or a related field is a must.
▪ Postgraduate qualification in Information Systems Management, Computer Science,
or Risk Management is a must.
▪ At least eight (8) years postgraduate experience in ICT / Risk Management.
▪ Certified Data Protection Officer Certification (POTRAZ) is a must.
▪ Professional certification in ICT Risk, Information Security, or Governance, such as
CRISC, CISM, or CISA; ISO/IEC 27001 Lead Implementer or Lead Auditor; ISO/IEC
27701 Lead Implementer / Auditor; or COBIT Foundation / Design and
Implementation, is a must.
▪ Experience in Customs / Domestic Taxes or Tax environment is an added advantage.
▪ A thorough understanding of risk management practices is a must.

How to Apply

Interested candidates should submit applications, accompanied by a detailed Curriculum
Vitae, by 28 March 2026. All applications should be emailed to
ZimraRecruitment@zimra.co.zw, clearly stating the position applied for, and
addressed to:
The Director, Human Capital
Zimbabwe Revenue Authority
6th Floor ZB Centre
Corner First Street / Kwame Nkrumah Avenue
P. O. Box 4360
HARARE
Please note that only shortlisted applicants will be responded to. Females are
encouraged to apply.