
Information Security Officer

Consolidated Bank Of Kenya

Full time · Nairobi · Posted 1 day ago

Qualifications and Competencies

  • Bachelor’s degree in Information Technology, Computer Science, Software Engineering, Cybersecurity, Information Systems, or a related field from a recognized institution.

  • Professional certifications such as CISA, CISM, CISSP, CEH, CompTIA Security+, ISO 27001 Lead Implementer/Auditor, or related certifications will be an added advantage.

  • At least three (3) years of relevant work experience in information security, cybersecurity, ICT risk management, or a related field, preferably in the banking or financial services sector.

  • Demonstrated knowledge of information security frameworks, standards, and regulatory requirements.

  • Proficiency in cybersecurity tools, network security, vulnerability management, and incident response processes.

  • Developing, implementing, and maintaining the Bank’s information security policies, procedures, standards, and guidelines.

  • Monitoring the Bank’s ICT environment to identify, assess, and mitigate cybersecurity risks and vulnerabilities.

  • Coordinating information security risk assessments, audits, and compliance reviews.

  • Managing security incidents, investigations, reporting, and response activities to minimize operational disruptions and losses.

  • Conducting continuous monitoring of network security, endpoint protection, access controls, and data protection measures.

  • Supporting implementation and management of cybersecurity tools, systems, and technologies.

  • Ensuring compliance with applicable regulatory requirements, data protection laws, and industry security standards.

  • Coordinating user access management and reviewing system privileges to ensure appropriate segregation of duties and least privilege principles.

  • Conducting staff awareness programs and training on information security and cyber hygiene.

  • Preparing periodic information security reports, risk dashboards, and incident reports for management review.

  • Liaising with internal auditors, external auditors, regulators, and service providers on information security matters.

  • Supporting business continuity, disaster recovery, and cyber resilience initiatives within the Bank.

  • Keeping abreast of emerging cybersecurity threats, trends, technologies, and best practices and advising management appropriately.

  • Participating in implementation of ICT projects to ensure security requirements are integrated into systems and processes.