This role exists to provide continuous independent assurance on the Bank’s Information Security as regards confidentiality, integrity, and availability of the IT infrastructure, processing systems, and related resources in line with the Bank Information Security Policy. The deadline for this application is on23rd September 2021.
Review of the Bank’s critical systems, recommendation, and implementation of appropriate and adequate IT security controls to mitigate and minimize information security risks.
Continuous review of controls in place to identify and close gaps and provide continuous assurance on the security of the bank’s information systems
Provide IT security support to IT Security Services and Internal Audit.
Implement an effective information security awareness program in the Bank.
Continuous review of systems at all levels i.e. servers, applications, database, network devices, etc., identify risks and make recommendations on the closure of the risks.
Be involved in providing forensic data to all reviewers i.e. investigators, analysts, etc.
Be involved and provide security guidance during technology projects, systems deployment, upgrades, and changes.
Review all issues logged by users and analyze trends as relates to systems security management.
Ensure all sensitive and confidential bank information is protected in conformity with the Bank’s privacy policies.
Manage all external parties’ access to bank infrastructure and systems and have detective measures for intrusion.
Provide and analyze departmental self-assessment reports on all systems controls to assist in focused controls.
Provide information security training and awareness to various groups of Bank staff & stakeholders.
Required skills for the role:
Adequacy of personal competence to effectively maintain quality assurance for the bank’s information systems security in a manner that consistently meets established standards or benchmarks.
Good understanding of Information Security and control objectives
Interpersonal and advocacy skills
Appreciation of Audit methodologies
Fair understanding of Information Systems architecture and operational practices
University degree in Computer Science or Information Technology(M)
Minimum 3 years working experience, with 2 years’ experience in Information Security or Information Risk.
Certification in a system audit or security related area, such as CISA, CISM or CISSP or CRISC
Experience of working in the IT function within a banking environment will be an added advantage.
Working technical knowledge of ATMs will be an advantage.
Experience in audit of systems will be an advantage
Experience in performing analytical roles in complex business environments
Proven experience in implementing cyber security governance.
Kingdom Bank is a subsidiary of the Co-operative Bank of Kenya, following its acquisition of Kingdom Bank in August 2020. We are now part of a Group with over Kes. 457 Billion total assets and Kes 20.7 Billion profit before tax as at 31 December 2019.
Kingdom Bank Towers, Argwings Kodhek Road, Kilimani.