Senior Officer – I.T Risk at Bank of Africa Kenya Limited

Purpose

The Job holder is responsible for establishing effective mechanisms to identify, measure, monitor, and control the risks inherent in BOAK’s ICT systems, to ensure data integrity, availability, confidentiality, security, and consistency and to provide the relevant early warning mechanisms.

Responsibilities

• Implementation of the Risk Framework Document- IT Risk Aspects & other assigned risks.
• Periodic review of the Information Technology Risk Framework.
• Develop and continuously revise KRIs for ICT & Security Risks.
• Defining and revising risk appetites for IT and Security related Risks
• Monthly update of the detailed ICT Risk Register.
• IT Security Policy implementation review for compliance
• Domain and Anti-virus Systems clean-up procedures and review.
• Systems Access Control Management.
• Coordinating review and change of systems passwords, and safe storage.
• Systems users review and clean-up of applications.
• Preparation of the Monthly Dashboards and Board Report on ICT risk
• Conducting daily IT Risk/Security Monitoring checks.
• Preparation of plans and measures on action points in ICT Risks following review of Risk event reports.
• Overseeing Disaster Recovery Planning/BCP systems testing, implementation and improvements.
• Carrying out IT Security Systems Assessments and Reporting for planned and new systems implemented in the enterprise.
• Implementation of revised CBK Risk Management guidelines on ICT Risk.
• Cyber Security Intelligence and Training.
• Research and update into the latest cyber security news and trends.
• In-house Cyber security training for staff.
• Close follow up for implementation / closure of vulnerabilities as detailed in the various reports.
• Assist the Head of Enterprise Risk with monthly following up for implementation of risk issues.
• Other special assignments as assigned by the Head of Enterprise Risk

Required Experience and Competencies

• Minimum 3 years’ experience in ICT and Security related roles.
• Outstanding Personal organization and prioritization skills
• Excellent communication skills.
• Leadership skills
• Negotiation skills
• Risk management skills
• Strong problem-solving skills
• Adaptability
• A Bachelor’s degree in an ICT related field.
• CIA, CISA, CFE will be an added advantage.
• IT Certifications – CCNA – security
  • Information Security certifications (requisite, the more the added advantage)
  • CISSP (Certified Information Systems Security Professional)
  • Certified Ethical Hacker (CEH).
  • CISA (Certified Information Security Auditor)
  • CCISO (Certified Chief Information Security Officer)
  • CISM (Certified Information Security Manager)