Information Security Officer

Responsibilities

• Review of KB’s critical systems, recommendation, and implementation of appropriate and adequate IT security controls to mitigate and minimize information security risks. Continuous review of controls in place to identify and close gaps and provide continuous assurance on the security of the bank’s information systems
• Consistency in achieving compliance requirements, optimal efficiency, and cost containment with regard to information systems security
• Robustness of the bank’s information system security and effectiveness of systems (policies, processes, procedures and tools) in escalating and investigating with IS security violations
• Adequacy of personal competence to effectively maintain quality assurance for the bank’s information systems security in a manner that consistently meets established standards or benchmarks.
• Perform continuous reviews of users of systems with emphasis on exits, joiners and internal movements, and take appropriate corrective actions where there are deviations. Liaise with business heads to continuously confirm and update the rights and privileges of users in the bank.
• Perform continuous review of systems, including technical penetration testing and vulnerability assessment of systems. Communicate findings with IT management and follow up issues to closure
• Perform daily reviews of logs and audit trails of key and critical KB systems as per the program of work.
• Provide IT security support for the IT related projects carried out during the year, ensuring compliance with JBB policies and best practice.
• Provide IT security support to Security Services and Internal Audit
• Carry out an effective information security awareness program in the bank.
• Keep abreast of the fast-changing information systems exposures/ threats and ensure that adequate and up-to-date information systems security measures are in place for the maximum protection of KB information assets.