In today’s competitive environment, data stands central in providing a competitive advantage. It, therefore, becomes extremely crucial for organizations to protect their data to maintain their position in the market. Threats to the confidentiality, integrity and availability of organization information have been increasing exponentially creating risks at every stage.
The Head of ICT Security will therefore provide leadership to address ICT Security matters. Are you a security expert of modern-day Information Technology Infrastructure experienced in leading the implementation of IT Controls? Are you an expert on cybersecurity protection, detection, response and recovery? Are you looking to scale new heights in your career? This position at Co-operative Bank of Kenya is your opportunity to make that possible.
You speak to the breadth of the ICT security landscape and you have great understanding of the contemporary cybersecurity landscape and technologies used as security solutions for protecting enterprise against the evolving threats. You are well knowledgeable in Security Strategy Risk and Compliance; Application and Data; Infrastructure Endpoint and Mobile Security. You are a subject matter expert in assessing security capabilities, which could be in the policy, process, technology or organizational areas and you have the ability to identify gaps and recommend cost effective best practices to address ICT security issues comprehensively for the Group.
The role-holder will provide technical thought leadership in overall security solutions development and implementation, will be responsible for providing direction, life cycle management and leadership for ICT Security architecture and technology solutions. The individual would be involved in the identification, analysis, evaluation, life-cycle management and adoption of security technologies and would be entrusted with providing guidance on security features of technologies in the large enterprise environment.
The successful jobholder will be expected to:
- Develop and design ICT Security Strategy that ensures the control procedures are in place for technology and information systems that affects the management of fundamental organizational processes such as change management, disaster recovery and security.
- Implement the Bank’s Cyber-security program, enforce Cyber security Policies and ensure that information systems meet the Cybersecurity needs of the Bank as well as a full appreciation of current and emerging cyber risks that may affect the Bank.
- Lead the designing and implementation of IT controls designed to mitigate identified risks and ensure they are monitored for continued effectiveness.
- Lead and manage the implementation of COBIT (Control Objectives for Information Technology)
- Ensure that IT controls are continuously updated, as necessary, to correspond with changes in internal control and external regulatory requirements.
- Manage and ensure implementation of procedures or policies that provide a reasonable assurance that the information technology (IT) used by the Bank operates as intended, that data is reliable and that the Bank is in compliance with applicable laws and regulations
- Lead new projects related to IT Security Technology and Assurance
- Design and provide “data centric” security architecture and defense in depth solutions encompassing layers of controls to protect confidentiality, integrity and availability (CIA) of the data.
- Responsible for daily operations and management of IT Security standards with regard to data confidentiality, network security configurations, patching processes and providing recommendations to the technology teams with regard to IT Security procedures.
- Defining procedures and standards related to the management, implementation and resolution of vulnerability, patch, security configuration and other security deficiencies noted or detected by various security solutions or assurances processes.
- Communicate the IT security risk standards through effective engagement with all stakeholders for agile decision making and awareness
- Understand the Bank’s business initiatives and requirements and map these business needs into technical and security architecture.
- Involvement in digital forensics, IT security investigations, information privacy, access and security clearance procedures as and when required.
- Continuously update the skills and knowledge to keep up with the changing market and security landscape.
Qualifications, Skills & Attributes
The successful jobholder will be required to possess the following qualifications: –
- An IT related Bachelor’s degree with relevant IT Security professional qualifications i.e. Cisco Certified Network Associate (CCNA-Security)/ Cisco Certified Network Professional (CCNP)/Certified Information Security Manager (CISM)/ Certified Information Systems Security Professional (CISSP), CEH, CHP, or other relevant security certifications.
- At least 6 years’ experience in similar role in ICT Security Services coupled with a strong knowledge of security architectures and technologies including assessment, methodologies, compliance standards etc.
- Solid knowledge of security standards, IT security regulatory and compliance regulations and standards such as PCI DSS, HIPAA, Sarbanes Oxley, ISO 27001, NIST, CSF, COBIT, ITIL, SANS 20 and so on.
- Strong understanding and knowledge of IT risk assessment, risk procedures, security assessment, vulnerability management, penetration testing
- Strong knowledge of cloud architecture and prevalent security concerns and solid knowledge of solutions from vendors
- Strong business acumen, people management skills, conflict management & resolution skills, negotiations skills
- Excellent interpersonal communication and presentation skills
How to apply:
If you are confident that you fit the role and person profile and you are keen to add value to your career then please forward your application letter enclosing detailed Curriculum Vitae to [email protected] indicating the job reference number HIS/COO/2017 by 3rd August, 2017.