Openings at Corporate Staffing

Main Duties & Responsibilities

• Implement, support, maintain and administrate the Hospital’s IT security solutions including application, database, network and infrastructure security controls.
• Ensure that all the Hospital’s IT application systems, IT equipment and hardware and IT network security are regularly upgraded.
• Provide periodic IT Security status reports (daily, weekly, monthly etc.)
• Investigate and report on any IT security breaches and put in place the relevant actions.
• Act as a central point of contact for security issues.
• Assist in performing Business Impact Analysis (BIA);
• Participate in developing, updating, communicating and publishing the Information Security Policy other operational security policies.
• Assist in the development of security controls and security strategies.
• Ensure that the Confidentiality, Integrity and Availability of services are maintained at the levels agreed in the Service Level Agreements (SLAs);
• Ensure that all access to services by external partners and suppliers is subject to contractual agreements and responsibilities (e.g. non-disclosure agreements) and are closely monitored and that all changes to access are assessed for impact on all security aspects; including information security policy and controls;
• Actively identify options for reducing IT security risks within the Hospital.
• Identify and classify IT and information assets and the level of control and protection required for assets based on their classification.
• Perform security risk analysis and risk management in coordination with Risk and IT Service Continuity Management functions.
• Promote awareness of IT security across the Hospital.
• Perform security tests (e.g., network vulnerability tests);
• Provide the Hospital’s staff with the correct IT access and monitor IT access for compliance to the Hospital’s policies.
• Assist in the development and testing of the Hospital’s Disaster Recovery Plans (DRPs);
• Create manage user profiles, adds and deletes access rights and perform related profile maintenance and password control activities.
• Manage network security breaches, providing containment solutions, communications to management, and developing stop-gap methodologies across the Hospital.
• Monitor the Hospital’s IT network data to ensure the prevention of incidents that negatively impact confidentiality, availability, and integrity of the Hospital’s IT network.
• Ensure the security of the Hospital’s infrastructure network including servers (e-mail, print, and backup servers), and other IT infrastructure.
• Investigate and report on any IT network security breaches and put in place the relevant actions.
• Actively identify options for reducing IT network security risks within the Hospital; and
• Any other responsibilities that may be assigned to the job holder by the supervisor from time to time.

Qualifications, Skills & Experience

• Bachelor of Science degree in Computer Science, Software Engineering or any other related field from a recognized institution.
• Professional ICT qualifications such CISSP, CISM, CISA, CRISC is an added advantage.
• Minimum of 3 years’ IT Security experience

How To Apply

If your background, experience and competence match the above specifications, please send us your application (cover letter & CV/Resume) quoting the job reference number and to reach the undersigned. Your CV/Resume MUST include full names and contact details of 3 referees. We shall ONLY accept ONLINE applications and contact SHORTLISTED candidates. The Nairobi Hospital does not charge any money throughout the recruitment process.

Director Human Resources & Operations

The Nairobi Hospital

P.O. Box 30026 – 00100

NAIROBI   OR recruitment@nbihosp.org