Jobs Career Advice Signup

Send this job to a friend


Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Mar 12, 2021
    Deadline: Mar 19, 2021
  • CIC Insurance Group Limited, commonly referred to as CIC Group, is an insurance and investment group that operates mainly in Kenya, Uganda, South Sudan and Malawi
    Read more about this company


    ICT Risk Specialist


    Monitor organization-wide compliance with information security policies and standards and proactively identify areas of emerging cyber risks and provide recommendations in liaison with the Information security officer


    • Work with the business to understand the day to day activities and evaluate that controls provide adequate security and compliance.
    • Monitor organization wide compliance with information security policies and standards and proactively identify areas of emerging cyber risks and provide recommendations in liaison with the Information security officer.
    • Participate in the review and development of information security policies, and related standards and guidelines, by representing the risk department in the ICT working group;
    • Perform periodic user rights reviews for staff and ICT administrators across business systems to ensure privileged access risks are controlled.
    • Monitor that data is captured, stored, processed and disposed off as per the policies. He/she should make sure that data is safeguarded and used responsibly by the data owners at various functional levels.
    • Conduct quarterly ICT Risk reviews and maintain an up-to-date ICT risk register for all the subsidiaries in CIC Insurance Group and proactively oversee implementation of risk mitigations.
    • Support the development of a risk awareness culture across the group through periodic trainings and risk awareness communicate.
    • Research on emerging ICT risks and present a quarterly report to Risk committee of management for every subsidiary.
    • Support business systems owners in the definition of information security requirements for existing and new applications and communication systems;
    • Support project managers during the project risk management process to identify project risks and treatment approaches for systems/ technology-based projects.
    • Provide expert advice on the security architecture and configuration of complex systems to the ICT department;
    • Participate in quality assurance activities by validating, or overseeing the validation of, the correct implementation of security controls before systems enter production;
    • Perform post implementation risk assessments for technology and information systems and recommend appropriate risk management controls.
    • Evaluate training and awareness programs carried out by ICT security and HR;
    • Keep abreast of developments in the field and shares security alerts with those responsible for affected operational functions;
    • Communicate ICT risks to business owners and document risk acceptance.
    • Represent the risk in the incident response team and coordinate the response to information security incidents;
    • Perform and/or oversee red teaming exercises
    • Conduct information risk assessments, identify and recommend risk mitigation measures


    Academic Qualifications

    • Bachelor’s degree in a related field

    Professional Qualifications

    • CISA/CISM/CRM or Progress ICT Security Certifications


    • Minimum of four (4) years’ relevant experience

    Method of Application

    Interested and qualified? Go to CIC Insurance on to apply

    Note: Never pay for any training, certificate, assessment, or testing to the recruiter.

  • Send your application

    Back To Home View All Vacancies at CIC Insurance
Never miss a job with our real-time & personalized push notification
Subscribe Now

Career Advice

View All Career Advice

Subscribe to Job Alert


Join our happy subscribers

Send your application through

Yahoomail Gmail Hotmail