Senior Information Systems Security Officer- Grade 5 at Development Bank of Kenya

Job Purpose

The Information Systems Security Section will be will be responsible for identifying and correcting the flaws in DBKs security systems, solutions, and programs while recommending specific measures to improve the banks overall security posture.

Key Duties and Responsibilities

• Developing and co-ordinating the preparation of annual procurement and disposal plans and their implementation;
• Ensuring the bank maintains a current enterprise-wide knowledge base of its users, devices, applications and their relationships;
• Ensuring the information systems meet the needs of the bank, in particular information system, development strategies, enterprise risk management framework, risk appetite and ICT policies.
• Design cyber security controls with consideration of all users at all levels of the organization including internal customers and third party users/external users.
• Organizing professional cyber related training to improve technical proficiency of staff.
• Conduct regular and comprehensive cyber risk assessments that consider people (i.e. employees, customers, outsourcing and other external parties) processes, data and technology
• Ensure timely update of the incident response mechanism and business continuity plan (BCP) based on the latest cyber threat intelligence gathered.
• Ensure frequent data backup of critical IT systems (e.g. real time back up of changes made to critical data) are carried out to a separate storage location.
• Ensure the roles and responsibilities of managing cyber risks, including in emergency or crisis decision making, are clearly defined, documented and communicated to relevant staff.
• Continuously test disaster recovery and Business Continuity Plans (BCP) arrangements to ensure that the bank can continue to function and meet its regulatory obligations in the event of unforeseen attack through cybercrime.
• Undertaking any other duties as may be assigned from time to time.

Qualifications, Skills and Experience for Appointment

• Bachelor’s Degree in Computer Science or IT, Information Systems or related field;
• Masters degree in Computer Science or IT, Information Systems or related field is an added advantage;
• Six (6) years relevant working experience;
• Professional qualifications in any of the following: CISA/CISM/CRISM/CEH/CISSP/MCSE/MCITP/CCNA/Project Management Certification;
• Member of a relevant professional body;
• Management and supervisory trainings;
• Meets the provisions of chapter six of the constitution;