Career Opportunity: Information Security Officer
We are a dynamic, well-established Savings and Credit Co-operative Society in the country for all professionals, with membership spread globally.
We are seeking to recruit a highly qualified, result-oriented individual for the position of Information Security Officer.
1. Job Title & Reporting
Title: Information Security Officer
Reporting: To The ICT Manager
2. Job Purpose
To provide ICT support in the continuous review of the Society’s systems and in recommending mitigation measures against identified risks and issues, with a view to improving the confidentiality, integrity and availability of the Society’s information and information processing systems.
3. Main Responsibilities
a) Oversee and implement the Society's information security program and enforce the information security policy.
b) Design information security controls with consideration of users at all levels of the Society, including internal users (i.e., management and staff) and external users (i.e., contractors/consultants, business partners and service providers).
c) Organize professional information security training to improve the technical proficiency of staff.
d) Ensure that regular and comprehensive information risk assessments are conducted.
e) Ensure that adequate processes and tools are in place for monitoring IT systems to detect information security incidents and events in a timely manner.
f) Ensure timely update of the incident response mechanism and Business Continuity Plan (BCP) based on the latest cyber threat intelligence gathered. Incorporate scenario analysis to consider a material cyber-attack and mitigating actions, and to identify potential control gaps.
g) Ensure frequent data backups of critical IT systems (e.g., real-time backup of changes made to critical data) are carried out to a separate storage location.
h) Review the Society’s critical systems, and recommend and implement appropriate and adequate IT security controls to mitigate and minimize information security risks.
i) Ensure continuous review of controls in place to identify and close gaps and provide continuous assurance on the security of the Society’s information systems.
j) Ensure consistency in achieving compliance requirements, optimal efficiency, and cost containment regarding information systems security.
k) Ensure robustness of the Society’s information system security and effectiveness of systems (policies, processes, procedures, and tools) in escalating and investigating IS security violations.
l) Adequacy of personal competence to effectively maintain quality assurance for the Society’s information systems security in a manner that consistently meets established standards or benchmarks.
m) Perform continuous reviews of users of systems with emphasis on exits, joiners and internal movements, and take appropriate corrective actions where there are deviations.
n) Liaise with managers to continuously confirm and update the rights and privileges of users in the Society.
o) Perform continuous review of systems, including technical penetration testing and vulnerability assessment of systems and applications.
p) Communicate ICT security findings to management and follow up issues to closure.
q) Perform daily reviews of logs and audit trails of key and critical Society systems as per the program of work.
r) Provide ICT security support for the ICT-related projects carried out during the year, ensuring compliance with Society policies and best practice.
s) Carry out an effective information security awareness program in the Society.
t) Keep abreast of the fast-changing information systems exposures/threats and ensure that adequate and up-to-date information systems security measures are in place for the maximum protection of Society information assets.
u) Any other lawful duties that may be assigned from time to time.
4. Knowledge, Skills, and Experience
Minimum level of academic qualification and knowledge required to perform effectively in the role:
a) A Bachelor’s degree in Computer Science or any other ICT-related field.
b) Knowledge of relevant ERP/Systems will be an added advantage.
c) Successful candidates will be required to meet the requirements of Chapter 6 of the Constitution of Kenya by obtaining the necessary documentation.
Minimum level of professional qualification/professional experience required to perform effectively in the role:
a) Professional certification in ICT fields (CISM, CISA or similar certification) is an added advantage.
b) Knowledge in CISCO.
c) Experience in maintenance and security of Microsoft Servers, firewall, ERP and systems.
Minimum months or years of experience required to be appointed to the position:
Three (3) years of experience.
Desired Technical & Behavioural Skills:
a) A proven record of dealing with complex projects and meeting conflicting demands.
b) Knowledge of network monitoring tools, traffic analysis, and intrusion detection systems.
c) Knowledge of information security management best practices such as ISO 27000.
d) Knowledge of threat and vulnerability analysis, risk assessment, and business impact analysis.
e) Compliance & Risk management.
f) Good knowledge of the market and the Society’s products and services.
g) Knowledgeable, with working experience of the relevant ERP/Systems software.
h) Explores places/situations to maximize innovation for the Society.
i) Strong analytical skills.
j) Self-confident and motivated.
k) Excellent communication with strong written and oral skills.
l) Good people, interpersonal and networking skills.
Key Performance Indicators
a) System uptime and system security.
b) Effective BCP and DRP systems.
c) Compliance with the Data Protection regulations.
d) Seamless process of data accessibility and information awareness.
e) Level of user satisfaction.
How to Apply
Interested candidates for the above opportunity should access more information on the job specifications and apply online by filling in the data form on our website at www.mhasibusacco.com/careers/Information Security Officer
After filling in the form, applicants should send their detailed curriculum vitae, copies of academic and professional certificates, and relevant testimonials to the email recruitment@mhasibusacco.com. The deadline for submission of all applications is on or before 12th June 2023 by 5.00 pm.
Kindly note that only shortlisted candidates shall be contacted.
Mhasibu Sacco is an equal opportunity employer.