Head Group Cybersecurity at KCB Bank Kenya

Key Responsibilities

• Establishing and maintaining KCB Group’s cybersecurity vision, strategy, and program to ensure information assets and technologies are adequately protected and defended.
• Developing and enforcing cybersecurity policies, standards, and procedures to ensure proper operations and maintenance of Technology assets.
• Ensuring the properties of security, authenticity, accountability, non-repudiation and reliability of information and information processing systems are preserved.
• Promoting user awareness of good cybersecurity practices, current threats, and the Group’s cybersecurity policies & procedures among all Group employees, vendors, and customers.
• Incident Handler in the Group’s Cybersecurity Incident Response and Recovery Team (CIRRT).
• Identifying and assessing ICT risks in conjunction with other departments in Technology Division, Group control functions and lines of business to determine their materiality.
• Implementing appropriate transparency/escalation of all significant ICT risks as appropriate through regular reports to executive management, and priority notifications to ensure minimum exposure to ICT risk.
• Ensuring appropriate action plans and delivery dates are in place to address material risks and any open internal or external audit items or regulatory issues and tracking these actions to completion.
• Providing guidance within Technology Division on topics related to ICT risk management such as achieving compliance with internal policies, regulatory requirements, and international standards in order to remain within the risk appetite of KCB Group.
• Implementing technical controls in support of the Group Data Privacy programs.
   

The Person 

For the above position, the successful applicant should have the following: 

• BSc. Information Technology / Computer Science / Telecommunications / Engineering or related field.
• At least one certification from the list below:
• CISSP: Certified Information Systems Security Professional.
• CISA: Certified Information Systems Auditor.
• CISM: Certified Information Security Manager.
• CCISO: Certified Chief Information Security Officer.
• 10 years progressive working experience with at least 8 years’ experience in:
• Information Security Management
• Governance, Risk Management and Compliance
• Security Architecture and Engineering
• Security Program Management and Operations.
• Experience in Communication and Network Security, Identity and Access Management, Software Development, Security Assessment and Testing.

To be considered your application must be received by Monday 27th June 2023