Job Purpose
The role holder is responsible for assessing existing and emerging cyber risks in the payments ecosystem, covering both Retail and Large Value Payments, including review of cyber security standards, laws, policies, guidelines and other related frameworks. The role holder will analyze statutory data returns, audits, market developments and consumer complaints to advise on corrective actions and to induce change where necessary, in compliance with the existing National Payment System (NPS) laws. The role is responsible for reviewing payment system cyber security submissions for licensing in compliance with the National Payment System (NPS) laws, guidelines, standards and best practices.
Key Duties and Responsibilities
Strategic Responsibilities
Contribute as appropriate to the performance of the function and to the overall achievement of the BPS’s strategic objectives.
Technical and Operational Responsibilities
Oversight of cyber security for retail and large value payment systems (RPS/LVPS), including ACH, EFT, Cards, Mobile Payments, switches, KEPSS and any other licensed or designated payment system.
Carry out cyber security assessments of payments systems against BIS core principles and set standards.
Assist in the preparation of oversight reports on RPSs, e.g. monthly, quarterly and annual reports.
Determine data requirements and relevant returns to facilitate oversight of payment systems providers.
Conduct online monitoring of PSPs' transactions.
Undertake on-site oversight examination/off-site surveillance of PSPs.
Administer and enforce the Acts and Regulations and enforce supervisory actions on PSPs in contravention of the regulatory requirements.
Identify infrastructures that meet the criteria for FMIs for purposes of designation.
Review audit and incident reports and recommend regulatory action.
Receive and review complaints/enquiries on a payment system/product from customers/users.
Continuously/periodically monitor implementation of recommendations made to rectify or enhance certain critical functions or areas highlighted during on-site oversight.
Identify weaknesses and action points in the operation of payment systems.
Prepare inspection program, develop pre-inspection template and risk assessment matrix template.
Work with industry stakeholders in developing awareness and capacity building programs on cyber security for payment systems.
Research on new threats/technologies/vulnerabilities impacting payment systems globally and locally, providing the necessary guidance both to the Bank and Industry.
Develop guidelines, circulars and other relevant supervisory tools for cyber-security.
Other Responsibilities
Perform any other duties as assigned by the Manager and the Assistant Director.
Qualifications
Bachelor’s Degree in a relevant field e.g. Information Technology, Computer Science or related field.
Professional qualifications in information security certifications such as CISA/CISSP/GIAC/CEH/OSCP or any relevant qualification for cyber risk experts and any other memberships are an added advantage.
Any recognized international and professional Information Technology certification, e.g. ITIL Service Management, ISO (20k or 27001) Lead Implementer/Audit, COBIT, will be an added advantage.
Work Experience
Five (5) years’ experience working in information systems audit, cyber risk and/or related field and role.
Competencies
Technical Competencies
Knowledge of the payments and/or banking industry on issues related to Card payments, Retail payments innovation and security, P2P Switch providers, Mobile payments & Banking.
Good understanding of internationally accepted best practices and standards for effective oversight of payment systems
Knowledge of Banking and Payments Laws & Regulations
Knowledge of payment technologies and innovations.
Risk Assessment Management framework
Analytical skills and creative thinking skills
Cyber Risk /Information systems, audit and security related skills
Security and cyber risks
System performance monitoring
Behavioural/ General Competencies
Ability to work collaboratively in a team
Decision making
Professionalism
Communication
Customer orientation
Integrity, honesty and ethics
Resilience
Mentoring and coaching
Ability to drive change
Building consensus and influencing
Emotional Intelligence
Independence and objectivity
Apply via:
careers.centralbank.go.ke