Information Security Manager at CDL Human Resource

CDL was founded in early 2003 by its current Managing Director Lucy Mmari.Within her 14 year tenure in a well established logistics company, She honed her skill in human resources management and thereafter started CDL.

 

Information Security Manager

  • Job TypeFull Time
  • QualificationBA/BSc/HND
  • Experience5 years
  • LocationNairobi
  • Job FieldICT / Computer 

The Manager of Information Security is responsible for information technology (IT) risk management, which entails risk assessments, policy formulation, awareness and education, compliance reviews, and controls monitoring, all with regards to the Bank’s IT environment.

Key Responsibilities

Financial

  • Assess and manage financial risks associated with information security breaches, including potential financial losses due to data breaches or cyberattacks.
  • Identify and analyze risks through review of metrics and key risk indicators to determine the materiality in terms of financial loss, reputation, and regulatory risk, and the likelihood of such risks occurring.
  • Ensure appropriate action plans and delivery dates are in place to address material risks or regulatory issues identified, and track these actions to completion.
  • Develop and maintain IT risk management policies in line with industry best practices and regulatory requirements.

Customer

  • Safeguard customer data and privacy by implementing and enforcing robust security measures, such as encryption, access controls, and data protection protocols.
  • Educate customers about best practices for securing their accounts and personal information, including password management, phishing awareness, and safe browsing habits.
  • Address customer inquiries and concerns related to information security, providing timely and accurate responses to maintain trust and confidence in the bank's services.

Internal Business Process

  • Develop and enforce information security policies, procedures, and guidelines in alignment with regulatory requirements and industry standards.
  • Conduct vulnerability assessments, penetration testing, and health checks on the Bank’s computer systems to identify system vulnerabilities that can be exploited by external and internal threats and ensure that these vulnerabilities are effectively remediated.
  • Review technology-related contracts with third parties and any requests for policy/standard exceptions to ensure that risks are not introduced into the Bank’s environment.
  • Provide technical risk-related support to projects, from inception through to successful implementation, to ensure that adequate security is in-built into computer systems being introduced into the Bank’s environment.
  • Participate in and recommend improvements to policies, processes, and procedures to ensure all applicable regulatory requirements are fulfilled.
  • Conduct quarterly awareness and education sessions to cultivate a security-aware culture within the Bank that promotes the responsible and secure use of information and computer systems.
  • Ensure compliance with all banking laws and regulations, industry standards, and internal Bank policies related to IT risk management.
  • Update and maintain a compliance matrix of all regulatory requirements, key policy requirements, and policy updates recommended by auditors.
  • Provide guidance to all departments on topics related to IT risk management to achieve compliance with policies and standards, staying within the risk appetite of the Bank.
  • Continuously update risk assessments and IT security monitoring given the latest threats, adjusting accordingly to reflect the latest trends.
  • Coordinate with internal stakeholders, such as IT teams, compliance officers, and senior management, to ensure alignment of security initiatives with business objectives and regulatory requirements.

Functional Responsibilities

  • Monitor internal and external threats, and examine logs, events, and alerts generated by multiple platforms for anomalous activity, evidence of security incidents, and other error conditions that may constitute a breach in security or degradation of integrity or confidentiality of the Bank’s information and computer systems.
  • Implement appropriate reporting and escalation of all significant risks through periodic reports and priority notifications to ensure transparency of risks and appropriate measures in place to reduce risks to within the Bank’s risk appetite.
  • Respond to escalations and queries; hold regular discussions with the IT Department; and employ other means available to ensure that appropriate measures are taken to minimize exposure to risk.
  • Prepare and present regular reports and updates on the bank's information security status, including metrics, incidents, and remediation efforts, to senior management and stakeholders.

Requirements

Job Specification

Academic

  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Professional Qualifications & Experience

  • Proficiency in Microsoft Office Suite
  • Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Desired Work Experience

  • Minimum of 5 years of experience in in information security roles, preferably in the banking or financial services sector.
  • Experience in developing and implementing information security policies, procedures, and standards.
  • In-depth knowledge of banking operations, products, and 

Method of Application

Interested and qualified? Go to CDL Human Resource on cdl.zohorecruit.com to apply

Comments

Post a Comment

Popular posts from this blog

Operations Associate at Kopo Kopo Inc

Kopo Kopo was launched in 2012 where we partnered with Safaricom to bring Lipa na M-Pesa Buy Goods service to small and medium businesses throughout Kenya and, today, we serve thousands of businesses from salons to restaurants to office supply stores, to schools. We have since partnered with other aggregator and mobile money partners with the ultimate goal of helping businesses leverage mobile payments. We are grateful for our unusual journey and look forward to helping our merchants in growing and prosper in the years ahead.   Operations Associate Job Type Full Time Qualification BA/BSc/HND Experience Location Nairobi Job Field Customer Care  Salary Range KSh 50,000 - KSh 100,000/month The Job:   The role will combine aspects of customer service and operations duties. Ultimately, you will be responsible for quickly solving problems for businesses that rely on Kopo Kopo’s technology. You will ensure that Kopo Kopo’s information systems are kept up to date, and will engage...
Read more

Senior Communications Officer at Natural State

Through large-scale restoration and rewilding, NATURAL STATE secures biodiversity, sequesters and stores carbon, and helps achieve the Sustainable Development Goals. Our goal at the NATURAL STATE research centre is to develop technology and financial systems that will catalyse large-scale restoration globally as well as help train future leaders for this...   Senior Communications Officer Job Type Full Time Qualification BA/BSc/HND Experience 8 years Location Nairobi Job Field Media / Advertising / Branding  Senior Communications Officer to lead our communications strategy, focusing on scientific, climate, and nature restoration initiatives. The ideal candidate will play a pivotal role in enhancing our brand presence, driving engagement, and conveying the impact of our work on preserving and restoring natural ecosystems. This position requires a blend of communications expertise, strategic thinking, and a deep understanding of climate, nature restoration, and scientific topics...
Read more

Project Director at LVCT Health

LVCT Health is an indigenous Kenyan non-governmental and not-for-profit organization established in 2001. We are driving Kenya towards HIV prevention, with an ultimate goal of reducing HIV infections to zero. We offer integrated HIV services through development of models that are scaled up to the national models. We also carry out sexual and reproductive ...   Project Director Job Type Full Time Qualification MBA/MSc/MA Experience 7 - 10 years Location Kiambu Job Field Medical / Healthcare  Job purpose The Project Director will be responsible for providing overall strategic and technical oversight to the Dhibiti Project in Central region. This includes responsibility for the technical, monitoring and evaluation and financial and operations components of the project. S/he will work closely with the Program Director and other directors/managers to ensure adherence to technical and contractual requirements of the grant, achievement of targets and project alignment to institutiona...
Read more