Jobs Career Advice Signup
X

Send this job to a friend

X

Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Aug 13, 2018
    Deadline: Aug 24, 2018
    • @gmail.com
    • @yahoo.com
    • @outlook.com
  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Established as a Finance Company in 1983, Equatorial Commercial Bank Limited (ECB) commenced operations as a fully-fledged commercial bank in 1995.

    In June 2010 Equatorial Commercial Bank merged with Southern Credit Banking Corporation, creating a new enlarged bank under the Equatorial Commercial Bank brand. The merger gave ECB critical mass to ...
    Read more about this company

     

    Chief Information Security Officer

    Job Description

    The institution is seeking to hire a qualified and highly experienced Chief Information Security Officer (CISO) the role entails looking at data management and analytics, which will help the Bank to better anticipate the nature of threats and determine the most appropriate action to meet them.
    The Key Roles:

    • Overseeing and implementing the Bank’s cyber security program and enforcing the cyber security policy/framework.
    • Ensuring the Bank maintains a current enterprise-wide knowledge base of its users, devices, applications and their relationships, including but not limited to:
    1. Software and hardware asset inventory;
    2. Network maps (including boundaries, traffic and data flow); and
    3. Network utilization and performance data.
    • Ensuring that information systems meet the needs of the Bank, in particular information system development strategies, comply with the overall business strategies, ERM framework, risk appetite and ICT policies.
    • Design cyber security controls with the consideration of users at all levels of the organization, including internal (i.e. management, permanent & contract staff and direct sales representative) and third party users/external users (i.e. contractors/consultants, business partners and service providers).
    • Organizing professional cyber related trainings to improve technical proficiency of staff.
    • Conducting regular and comprehensive cyber risk assessments that consider people (i.e. employees, customers, outsourcing and other external parties), processes, data, and technology across all its business lines and locations.
    • Monitoring current and emerging cyber risks.
    • Maintain comprehensive cyber risk register. Risk identification should be forward looking and include the security incident handling.
    • Reporting to the board on an agreed interval but not less than once per quarter on the following:
    1. Assessment of the confidentiality, integrity and availability of the information systems in the banks.
    2. Detailed exceptions to the approved cyber security policies and procedures.
    3. Cyber risk identification.
    4. Assessment of the effectiveness of the approved cybersecurity program.
    5. All material cyber security events that affected the bank during the period.
    • Ensure timely update of the incident response mechanism and Business Continuity Plan (BCP) based on the latest cyber threat intelligence gathered.
    • Incorporate the utilization of scenario analysis to consider a material cyber-attack, mitigating actions, and identify potential control gaps.
    • Ensure frequent data backups of critical IT systems (e.g. real time back up of changes made to critical data) are carried out to a separate storage location.
    • Ensure the roles and responsibilities of managing cyber risks, including in emergency or crisis decision-making, are clearly defined, documented and communicated to relevant staff.
    • Continuously test disaster recovery and Business Continuity Plans (BCP) arrangements to ensure that the bank can continue to function and meet its regulatory obligations in the event of an unforeseen attack through cyber-crime.
    • Collaborate with other the banks and the security agencies to share the latest cyber threats/attacks encountered by the bank.

    Key Skills, Experience and Personal Competencies Required

    Skills

    • Excellent interpersonal & Communication Skills
    • Working in Teams
    • Excellent analytical skills
    • Organization skills
    • Problem solving skills
    • Excellent knowledge of security tools
    • Report writing skills

    Experience

    • 3- 5 years Banking Experience

    Recommended Minimum Qualifications

    Education Level

    • Graduate – BSc. Degree in Information Technology , Mathematics or Computer Science
    • Master’s degree would be advantageous

    Professional Qualifications

    • Certified Information Security Professional
    • Cisco Certified Network Associate
    • Cisco Certified Security Administrator
    • Check point Certified Security Administrator

    Method of Application

    If you are up to the challenge & fit the required profile, please apply highlighting your qualification, experience and career aspirations match the requirement for this position.

    Application should be sent latest 24th August 2018 clearly indicating the position you are applying for on the Subject to: recruitment@spirebank.co.ke

    Build your CV for free. Download in different templates.

  • Apply Now
  • Send your application

    View All Vacancies at Spire Bank Kenya Back To Home

Subscribe to Job Alert

 

Join our happy subscribers

 
 
Send your application through

GmailGmail YahoomailYahoomail