ICT Officer Infrastructure at Kenya Mortgage Refinance Company (KMRC)

Purpose of the Job

Responsible for managing the ICT infrastructure to ensure the stability, security, and efficiency of the companys IT environment. This role ensures that all IT systems, including networks, servers, and hardware, are functioning optimally, which is essential for supporting daily operations and strategic initiatives. Responsible with keeping up with the increasing complexity of IT infrastructure and the growing threat of cyber-attacks and deploying safeguards to these systems minimizing downtime, enhancing performance, and protecting sensitive data.

Duties and Responsibilities

The duties and responsibilities are as follows:

• Conduct regular risk assessments to the ICT infrastructure
• Develop and deliver the companys Cyber Security strategy and drive strong operational capabilities to protect the company.
• Design, implement and manage sound Security controls and ensure all risks are effectively managed or mitigated and processes optimised for maximum efficiency.
• Obtain and maintain operational excellence within the business, achieving, maintaining and promoting relevant ISO standards and industry best practice for cyber security and infrastructure management.
• Implement, monitor, and manage security aspects for the IT network, infrastructure and applications
• Ensure adequate budget, resource and management focus on cyber security risks and mitigation
• Budget planning for Cyber Security activities, products and solutions
• Effectively manage risk operational requirements for company in terms of Cyber
• Security and network infrastructure.
• Collaborate with vendors and service providers to procure Networking, Hardware and Security solutions
• Prepare and present ICT periodic reports to the management.
• Formulating and analysing ICT policies, processes, procedures and ensuring compliance.
• Monitoring LAN/WAN and company firewalls.
• Install, configure and upgrade network, hardware and security infrastructure.
• Coordinate activities geared towards troubleshooting and remediating cybersecurity incidents.
• Participate in project meetings and contribute to design reviews from high level application architecture to configuration of OS, Network, security parameters to meet security goals
• Document and review changes, operationalizing and troubleshooting of cyber security platforms and procedures
• Coordinating the development and implementation of departmental work plans; budgets and timely reports
• Implementation of Infrastructure related audit recommendations
• Perform any other duties as may be assigned from time to time.

Key Result Areas:

The jobholders accountability areas are outlined as follows:

• Conduct regular risk assessments, design, implement, and manage security controls to mitigate risks and optimize processes.
• Achieve and maintain relevant standards and industry best practices.
• Formulate and analyze ICT policies, ensuring compliance.
• Implement, monitor, and manage security aspects for IT networks, infrastructure, and applications.
• Monitor LAN/WAN and company firewalls, and coordinate cybersecurity incident responses.
• Ensure adequate budget and resources for cyber security risks and mitigation.
• Collaborate with vendors and service providers to procure networking, hardware, and security solutions.
• Participate in project meetings and contribute to design reviews.
• Prepare and present ICT periodic reports to management.

Knowledge and Skills Required:

The jobholder must possess:

• A bachelors degree in electrical engineering, Computer Science, Technology management or related fields.
• One Professional information security qualifications such as CISSP, CISM, CISA and CCNA
• Being a member of an ICT professional body is an added advantage.
• A minimum of 2 years of working experience in a similar role.
• Understanding of network and systems architecture, platform security, network security, application security, data security, cloud security, database security, user access management and embedded device security.
• Strong problem-solving and analytical skills, with the ability to diagnose and resolve complex ICT incidences efficiently
• Excellent communication and interpersonal abilities, with the capacity to convey technical concepts to non-technical users.
• Ability to work independently and collaboratively in a fast-paced, dynamic environment, managing multiple priorities and deadlines effectively.
• Should be analytical and be result oriented.
• Must have high standards of integrity and ethical practice.
• Must be capable of functioning effectively both as a team player and a team leader.
• Must have ability to accurately plan work assignments, prioritize tasks and deliver deadlines.