Information Security Manager Job in Kenya 2012
Position Title: Information Security Manager
Direct Reports: None
The main purpose for this role is to ensure that the company’s information and ICT assets are accessible and secured against any breaches and that our standards, policies, processes, controls and business continuity plans support this at all times so as to ensure confidentiality, integrity, availability and auditability.
- Develop, implement and review the ICT information security policy and procedures against best practice and industry standards.
- Monitor the company’s compliance with the ICT information security policies and procedures and manage the implementation of any corrective actions.
- Initiate, facilitate and promote activities within the company to create information security awareness.
- Serve as the proactive internal information security consultant including advising on regulatory issues and perceived risks and possible mitigations.
- Perform information security risk assessments to ensure the integrity and security of the Company’s systems and network is maintained.
- Develop, implement and monitor the company’s ICT business continuity plans and ensure all necessary remedial action is undertaken.
Internal: All departments
External: Regulatory bodies
Expected Minimum Qualification
- An IT related degree from a recognized institution
- Possession of a Certified Information Security Manager (CISM) and/or, Certified Information Systems Security Professional (CISSP) and/or Certified Ethical Hacking (CEH).
- Have at least 4 years’ of progressive experience in information security that includes:-
- Experience in development and implementation of relevant policies
- Experience in penetration and vulnerability testing
- Experience in network management, database management, company systems and other business applications
- Knowledge of and experience in the financial services industry will be an added advantage
Technical and General Competencies:
- Strong understanding of Information Systems, operating practices and operating systems security
- Understanding of application development and ability to use vulnerability testing tools
- Strong analytical skills and ability to objectively assess risk
- Ability to identify alternative solutions and business opportunities so as to improve the Company’s risk profile
- Have the ability to communicate and present clearly and concisely, both orally and in writing
- Have the ability to make prompt decisions and be independent in problem solving
- Good interpersonal skills and a team player
- Possess the ability to work effectively under pressure and with tight deadlines
- Attention to details
- Have passion and commitment to excellence, and unquestionable integrity
- Good report writing skills with an appreciation of Audit methodologies
How to apply:
Applicants should email their applications attaching a detailed curriculum vitae and a letter indicating why they are interested in and qualified for the position and the names of three referees who can provide confidential assessment of their capabilities to a Search Committee.
All communications relating to applications for this position should be addressed to: email address: firstname.lastname@example.org
Applications should be received by 20th March 2013.
Only shortlisted candidates will be contacted.
On the subject matter of the email please indicate the position you are applying for.