Manager – Information Systems Security at Kenya Revenue Authority (KRA)

Department: Corporate Support Services

Division:       Information and Communication Technology

Location / Work Station:  Nairobi

Job Summary:      

• This role is responsible for formulating and implementing best practice strategies to manage information security and cyber risks in the Authority.

Key Responsibilities:       

• Formulate information security strategies to manage information and cyber risks hence protecting revenue and KRA reputation
• Coordinate the development and implementation of the KRA information security policies
• Coordinate the implementation and maintenance of Information Security Management System (ISMS) based on ISO27001 and best practice.
• Coordinate monitoring and surveillance of KRA IT resources to detect and deter cyber attacks
• Ensure confidentiality, integrity and availability of information as well as ensure non- repudiation of electronic transactions in the Authority.
• Oversee the design, acquisition, implementation and operation of information security tools for the protection of KRA information
• Coordinate the design, implementation and review of information security controls in systems, infrastructure and processes to protect KRA information and revenue.
• Provide information security advisories on acquisition and implementation of technology and third party integrations involving/requiring information exchange.
• Oversee development and implementation information security awareness programme across the organization.
• Provide support to relevant departments in information security investigative incidences.
• Day-to-day operations, supervision, management of performance and development of staff in the unit

Academic Qualifications         

• A Bachelor’s Degree in Computer Science or related field from a recognized institution.

Professional Qualifications       

• Must have at least two of the following security certifications in CEH/CHFI/ECIH/CISSP/ISO 27001 or in relevant  information security solutions certification

Relevant Work Experience        

• Minimum of five (5) years’ relevant work experience, with at least two (2) years’ experience at entry-level management or a similar role in a large or busy organization.

Technical Skills Required

• Experience in information security solution design or Strategy development
• Knowledge in IT risk management
• Knowledge in Vulnerability Management
• Knowledge in Data protection
• Experience in the Information Security management System (ISMS)
• Experience in cyber security threat Analysis or incident management
• Experience in Project Management

Managerial Competencies        

• Leadership and people management skills
• Good decision-making capabilities
• Good planning and organizational skills
• Excellent communication and presentation skills
• Good negotiation, delegation and interpersonal skills
• Professional networking
• Resilient, focused and results-oriented