Information Risk Manager

Kenya

Full Time Mid-level / Intermediate USD 57K - 107K *

KCB Group

View all jobs at KCB Group

Apply now Apply later

Posted 1 day ago

Key Responsibilities

Day to day Informational risk management process through conducting risk workshops with business and IT to identify, assess, manage, monitor and report risks on a continued basis.
Ensure that implemented systems are in line with KCB systems development life cycle as per KCB Information Security policy.
Liaise with Risk Heads in subsidiaries with a view of ensuring that Group IT standards are met.
Proactively anticipate potential threats and vulnerabilities and provide guidance in coordination with IT department on effective responses or control measures within subsidiaries.
Reporting on incidents and complaints about ICT services.
Conduct periodic IT risk assessments to ensure that all risks have been identified have been brought to the attention of management and appropriate control measures implemented to mitigate the risks in subsidiaries.
Evaluate the technological direction and ensure the bank is positioned to take advantage of emerging technologies.
Pre- and post-implementation review of ICT or ICT related projects for Kenya and subsidiaries.
Review of Information Systems audit reports and tracking implementation of the recommendations thereof.
Provide information risk consultation and guidance during system, application development and e-product development to assure that security concerns are addressed in the process.
Management and maintenance of Informational risk management database.

The Person

For the above position, the successful applicant should have the following:

A Bachelor’s degree in Information Technology, Electrical Engineering, Computer Science, Business.
Professional certification in Information Security and Risk Management knowledge areas such as CRISC, CISM, CISSP, CISA or equivalent.
Master’s degree in IT, MBA, Computer Science is an added advantage.
5 years’ work experience in the same or related role, with at least: -
4 years’ experience in Information Risk / IT Security and/ IT Audit
4 years’ experience in Information Risk Reviews and Vulnerability Assessments.
4 years’ experience in Red Team Exercises and/or Penetration Testing Experience.
3 years’ experience in Stakeholder management
2 years’ experience in peoples management is desired.

Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats: 1 0 0

Categories: Compliance Jobs Leadership Jobs

Tags: Audits CISA CISM CISSP Computer Science CRISC Pentesting Red team Risk assessment Risk management SDLC Vulnerabilities

Region: Africa

Country: Kenya

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.