IT Officer - Information Security

ROLE PURPOSE
Plan International is an independent child rights and humanitarian organisation committed to children living a life free of poverty, violence, and injustice.

We actively unite children, communities and other people who share our mission to make positive lasting changes in children’s and young people’s lives. We support children to gain the skills, knowledge, and confidence they need to claim their rights to a fulfilling life, today and in the future. We place a specific focus on girls and women, who are most often left behind. 
We have been building powerful partnerships for children for more than 85 years and are now active in over 80 countries.

The Shared Services Centre is a Centre of Excellence based in the MEESA region established to serve clients to enhance their operation effectiveness i.e. COs, RH and GH.  The centre is committed to a reliable, efficient and effective service to clients at a competitive price.  Its ultimate goal is to be trusted, predictable, and dependable to our clients at all times and to ensure commitment to quality and excellent turnaround times in all our service delivery.

The IT Officer - Security is responsible for ensuring the security of Plan International’s information systems and data. This role involves developing, implementing, and maintaining security protocols, procedures, and policies to protect the organization’s digital assets from cyber threats and vulnerabilities.
 

ACCOUNTABILITIES

1. Security Management
•    Develop, implement, and maintain comprehensive IT security policies and procedures.
•    Conduct regular security assessments, vulnerability testing, and risk analysis to identify and mitigate potential security threats.
•    Monitor and manage security tools and systems to protect the organization’s network, systems, and data.
 

2. Incident Response
•    Develop and implement an incident response plan for addressing security breaches and cyber attacks.
•    Coordinate and manage the response to security incidents, including investigation, containment, and recovery.
•    Conduct post-incident analysis to determine the root cause and implement measures to prevent recurrence.
 

3. Security Awareness and Training
•    Develop and deliver security awareness training programs for staff to promote best practices in information security.
•    Create and maintain security-related documentation, including user guides, policies, and procedures.
•    Provide guidance and support to staff on security-related issues and best practices.
 

4. Compliance and Reporting
•    Ensure compliance with relevant security standards, regulations, and policies (e.g., GDPR, ISO/IEC 27001).
•    Conduct regular audits and assessments to ensure compliance with security policies and procedures.
•    Prepare and present security reports to management, highlighting risks, incidents, and recommendations for improvement.
 

5. Technical Security Implementation
•    Implement and manage security measures such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, and encryption tools.
•    Manage access controls, including user permissions and authentication mechanisms.
•    Perform regular security updates and patch management to ensure systems are up-to-date and secure.
 

6. Collaboration and Support
•    Collaborate with IT team members and other departments to ensure security measures are integrated into all IT projects and initiatives.
•    Provide technical support and troubleshooting for security-related issues.
•    Stay updated with the latest security trends, technologies, and best practices to continually improve the organization’s security posture.
 

7. Safeguarding (5%)
•    Ensure that Plan International’s global policy for Safeguarding and PII policy for Preventing Sexual Harassment Exploitation and Abuse; and Gender Equality and Inclusion are fully embedded in accordance with the principles and requirements of the policy including relevant Implementation Standards and Guidelines as applicable to their area of responsibility. This includes, but is not limited to, ensuring staff and associates are aware of and understand their responsibilities under these policies and Plan International’s Code of Conduct (CoC), their relevance to their area of work, and that concerns are reported and managed in accordance with the appropriate procedures.

TECHNICAL EXPERTISE AND KNOWLEDGE
•    Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field.
•    Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, ISO 27001 Certified) are highly desirable.
•    Minimum of 3-5 years of experience in IT security, including security policy development, risk management, and incident response.
•    Experience with security technologies and tools such as firewalls, IDS/IPS, antivirus software, and encryption tools.
•    Familiarity with security frameworks and standards (e.g., ISO/IEC 27001, NIST).
•    Experience in a non-profit organization or international development sector is a plus.
 

Skills and Competencies:
•    Strong technical skills in IT security, including knowledge of network security, application security, and data protection.
•    Excellent analytical and problem-solving skills.
•    Strong communication and interpersonal skills.
•    Ability to work independently and as part of a team.
•    Strong organizational and time management skills.
•    High level of integrity and confidentiality.
 

Personal Attributes:
•    Strong commitment to Plan International’s mission and values.
•    Ability to work under pressure and handle multiple tasks simultaneously.
•    Proactive and self-motivated with a continuous improvement mindset.
•    High level of attention to detail and accuracy.
 

Languages required:
•    Excellent written and verbal communication skills in English.
 

Click on the following link to access the full Job Description:

IT Officer - Information Security.pdf

Location: Nairobi, Kenya 
Closing Date: 10th August 2024

Equality, diversity and inclusion is at the very heart of everything that Plan International stands for.

We want Plan International to reflect the diversity of the communities we work with, offering equal opportunities to everyone regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex or sexual orientation.
 

Plan International is based on a culture of inclusivity and we strive to create a workplace environment that ensures every team, in every office, in every country, is rich in diverse people, thoughts, and ideas.
 

We foster an organisational culture that embraces our commitment to racial justice, gender equality, girls’ rights and inclusion.
 

Plan International believes that in a world where children face so many threats of harm, it is our duty to ensure that we, as an organisation, do everything we can to keep children safe. This means that we have particular responsibilities to children that we come into contact with and we must not contribute in any way to harming or placing children at risk.
 

A range of pre-employment checks will be undertaken in conformity with Plan International's Safeguarding Children and Young People policy. Plan International also participates in the Inter Agency Misconduct Disclosure Scheme. . In line with this scheme we will request information from applicants previous employers about any findings of sexual exploitation, sexual abuse and/or sexual harassment during employment, or incidents under investigation when the applicant left employment. By submitting an application, the job applicant confirms their understanding of these recruitment procedures.
 

Disclaimer: Plan International is an equal opportunity employer and does not discriminate applicants on any basis. 
We also do not charge Job seekers any fees at any point of the recruitment process.