Job Details
A vacancy has arisen for the position of Information Systems Security & Assurance Officer (ISSO).
The Board is looking for a highly technical, competent, passionate, dedicated and self-driven individual of high integrity who is able to demonstrate strong leadership skills of Information systems security and assurance.
The Position
Reporting to the Chief Information Officer, Information Systems Security & Assurance Officer (ISSO) will be responsible for developing and implementing an information security program, which includes procedures and policies designed to protect enterprise communications, systems and assets from both internal/external threats and assurance of business recovery strategies through an elaborate BCP/DRS Governance Framework.
The ISSO will work alongside other IT services portfolio managers to implement cybersecurity products and services and to manage disaster recovery and business continuity plans.
Key Responsibilities
Provide Technical expert advice on infrastructure and security.
Conducting employee security awareness training and establish metrics to measure the effectiveness of this security training program.
Ensure that security is embedded in the project delivery process by providing appropriate information security policies, practices, and guidelines
Undertake System Administration for information security related appliances and solutions.
Play an Advisory role on information security, innovations and technical developments.
Work with service providers to ensure service delivery in a secure manner.
Handle security incidents reported by users, identifying security objectives and metrics.
Coordinate the development of implementation of incident response plans and procedures to ensure that business-critical services are recovered in the event of a security incident.
Evaluate and modify system’s security configuration and enforcing adherence to security practices as per the IT Security Policy.
Manage power backups at the datacentre and across the organization at the desktop level.
Scanning of the Institution’s environment to identify, diagnose and mitigate information security threats.
Testing all system backups to ensure business continuity at the Data Recovery Site.
Maintain a log and report of all information security incidents and mitigations.
Enforce implementation of Information security policy – Access control policy, Acceptable use of assets, Risk identification, assessment, treatment methodology and maintenance of ICT Risk register and monitoring of Key Risk Indicators.
Qualifications, Knowledge & Experience
Applicants must be holders of a Bachelor’s degree in Information Technology, Electrical / Telecommunications Engineering or equivalent qualification from a recognized institution.
At least four (4) years working experience in a busy ICT environment at least two (2) of which as an IS Security manager, IS Security Administrator or IS Security specialist.
Wide experience on deployment of routers, switches, VLANS and firewalls.
Working knowledge of windows and Linux operating systems and Servers.
CISSP/CEH/CSA+/CASP/MCSE/ISACA(CISA/CISM/CISA/CRISC/CGEIT), Database Certifications.
Personal Skills and Attributes
Personal integrity;
Possession of good interpersonal skills and networking skills;
Highly analytical, interpretive, report writing and presentation skills
Excellent interpersonal and communication skills;
Ability multi task to work under pressure and achieve results within deadlines
Good oral and written communication skills
Quick learner and adaptability
Team player
Ability to work with strict deadlines
Project management skills
Mastery of operating systems and computer Hardware skills
Leadership and Integrity
Candidates who are shortlisted for interviews will be expected to prove their compliance with Chapter 6 of the Constitution of Kenya 2010 by obtaining and presenting during interview clearance/compliance certificate from the following organizations:
Kenya Revenue Authority;
Higher Education Loans Board;
Ethics and Anti-Corruption Commission;
Directorate of Criminal Investigations (Certificate of Good Conduct) and;
Credit Reference Bureau.
go to method of application »