Jobs Career Advice Signup
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: May 16, 2019
    Deadline: May 17, 2019
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Kenya Commercial Bank Limited is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya - incorporated with effect from January 1, 2016 - and all KCB's regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. It als...
    Read more about this company

     

    Head, IT Risk & Security

    Reporting to the Director, Information Technology, the purpose of the role is to safeguard KCB critical information infrastructure against external aggression from cyber criminals; respond to, resolve and recover from Cyber/IT Security incidents and attacks through proactive security incidence monitoring and also deliver an appropriate IT business continuity & data back-ups management capability for the Bank in the event of a material business interruption.

    Responsibilities

    • Ensure the security of the core banking systems through adequate security management and administration measures.
    • Develop and enforce IT policies, standards and procedures to ensure proper operations and maintenance of the IT assets.
    • Implement appropriate transparency/escalation of all significant risks as appropriate in the weekly and monthly reports, and priority notifications to ensure minimum exposure to risk.
    • Identifying risks via: analysis of monthly metrics and other indicators; review of IT conformance reports, security assessments, requests for policy/standard exceptions and health check results; responding to escalations and queries; regular discussions with the departments; and other means that may be available to ensure that appropriate measures are taken to mitigate exposure.
    • Assessing identified risks in conjunction with other IT Departments, Information Risk and other Lines of Business to determine the impact/materiality in terms of financial loss/cost, reputation and/or regulatory risk and the likelihood and potential frequency of such risk occurring.
    • Ensure appropriate action plans and delivery dates are in place to address material risks and any open internal or external audit items or regulatory issues, and tracking these actions to completion.
    • Participate in the annual IS and IT audit plan with the Internal Audit in order to take note of the areas to be addressed.
    • Coordinate with internal and external auditors to ensure timely and responsive auditees, appropriate findings, and appropriate management responses and action plans.
    • Coordinate with Operational Risk Control to ensure transparency of risks, appropriate measures in place to mitigate risks to within the Business risk appetite, and a positive and open working relationship.
    • Providing guidance within the departments on topics related to ICT risk management such as achieving compliance with standards and policies, staying within the risk appetite of the KCB.
    • Coordinating with the Departments to ensure all deadlines are met for core activities such as conformance, audits, regulatory reviews, priority initiatives, etc.
    • Participation in the implementation of the Group Data Protection and Data Confidentiality programs.
    • Responsible for implementing/establishing a process for safeguarding authentication devices against interference, loss and theft.

    Qualifications

    • To be considered for the role, the successful applicant should have the following:
    • Preferably a Bachelor’s Degree in ICT or Related Field from a recognized university. A Master’s Degree will be added advantage.
    • Must possess at least one security certification such as CISA, CISM, CISSP, CASP, BCM, Security +.
    • A minimum of 10 years senior management experience in Information Technology with hands on experience in:
      • 8 years’ experience in Core banking risk & security management,
      • 8 years’ experience in Active directory management,
      • 8 years’ experience in IT Security on operating systems and databases,
      • 8 years’ experience in IT BCM, Data Back Ups & Archival Management,
    • Knowledge of web security architecture is essential.
    • Knowledge and skills on encryption, VPN is essential.
    • Knowledge of web programming languages and software & security architectures is desired.
    • Strong leadership skills with demonstrated competencies in championing high performance.
    • Superior communication and interpersonal skills.

    Method of Application

    Interested and qualified? Go to KCB Bank Kenya on ke.kcbgroup.com to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at KCB Bank Kenya Back To Home

Subscribe to Job Alert

 

Join our happy subscribers

 
 
Send your application through

GmailGmail YahoomailYahoomail