Policy & IT Risk Management Officer Job, IT Kenyan Job Vacancies


OFFICER – POLICY & IT RISK MANAGEMENT (3 POSITIONS)




Job Summary:


The jobholder is responsible for supporting the implementation of an Information Security Management System based on ISO 27001 and best practice.


Key Responsibilities



  • Implement an Information Security Management System based on the ISO/IEC 27001 series standards, including preparation for certification against ISO/IEC 27001

  • Perform gap analysis of information security standards such as ISO 27001 and create compliance reports for information security standards such as ISO 27001

  • Develop/review IS policies, standards, procedures and guidelines, in liaison with stakeholders to obtain appropriate approvals and feedback for implementation.

  • Carry out compliance monitoring and improvement activities to ensure adherence to internal security policies, procedures, standards and applicable laws and regulations

  • Support departments to manage implementation of information security management system.

  • Prepare materials and conduct information security awareness, training and educational activities for stakeholders.

  • Manage information security risk assessments and control selection activities

  • Perform testing of internal controls specified in Information Security Policies and perform internal audit reviews to assess the effectiveness of current information security controls

  • Ensure timely and effective corrective actions are taken to correct deficiencies and provide status reporting.

  • Support the Information Security program including development, collection, assessment, and reporting of metrics

  • Recommend security policy changes and enhancements as needed

  • Conduct mock ISO audits and report on departments’ preparedness for final audit and certification

  • Support ISO 27001 audit and certification activities

  • Day-to-day information security operations, supervision, reporting, management of performance and development of staff in the function


Qualifications



  • A Bachelor’s degree in Computer Science or related field from a recognized institution.

  • Must have at least one of the following security certifications or training in CISA/CISM/CEH/CHFI/ECIH/CISSP/ISO 27001/CRISP.

  • At least one (1) year related IT security work experience in a large or busy organization.


Technical Skills Required



  • Experience in Information Security Management Systems

  • Experience in development of policies and procedures

  • Knowledge of information security risk management

  • Experience in information security awareness development and training

  • Experience in cyber security threat analysis or incident management


Key Competencies:



  • Excellent stakeholder engagement skills

  • Analytical mind with problem-solving aptitude

  • Excellent listening, communication and presentation skills

  • Reliable and thorough with a deep commitment to accuracy

  • Self-motivated and able to work independently

  • A team player

  • Ability to prioritize competing work commitments and deliver on time



