ICT Risk Officer at Co-operative Bank of Kenya

The Co-operative Bank of Kenya Limited is incorporated in Kenya under the Company Act and is also licensed to do the business of banking under the Banking Act. The Bank was initially registered under the Co-operative Societies Act at the point of founding in 1965. This status was retained up to and until June 27th 2008 when the Bank’s Special General Meeting resolved to incorporate under the Companies Act with a view to complying with the requirements for listing on the Nairobi Stock Exchange (NSE)

Summary

Reporting to Head – ICT Risk and Control, the role holder will provide continuous independent assurance of the bank’s Information Security as regards confidentiality, integrity, and availability of the IT Systems by ensuring that appropriate security controls are in place to protect the Bank’s assets. The role holder will also ensure that ICT-related risks are managed in compliance with the Bank’s policies, laws, regulatory guidelines, and applicable standards.

The Role

Specifically, the successful jobholder will be required to:

• Carry out ICT risk assessments of Co-operative Bank systems and provide recommendations for appropriate and adequate IT security controls to mitigate and minimize ICT Risks.


• Continuously review and improve the ICT controls in place.


• Continuously review systems at all levels i.e. servers, applications, database, network devices, etc., identify risks and make recommendations on closure of the risks


• Provide continuous assurance on ICT Risks on the Bank’s systems


• Evaluate ICT controls for all operating systems, applications, database management system interfaces, and networks across the Bank to ensure consistency in achieving compliance requirements (regulatory, standards, and internal policies).


• Promote Information security awareness within the Bank by providing consultation, guidance, and conducting relevant awareness programs to ensure an IS-compliant culture.


• Proactively anticipate potential threats and vulnerabilities and provide guidance in coordination with the ICT department on effective responses or control measures to be implemented to mitigate them.


• Manage ICT risk registers.


• Periodically perform vulnerability assessments & penetration tests on Bank systems and technology, identifying vulnerabilities and recommendations on the closure of these vulnerabilities.

Skills, Competencies, and Experience

The successful candidate will be required to have the following skills and competencies:

• A Bachelor’s degree in Information Technology, Information Security, or Computer Science.


• Relevant IT Security professional qualifications e.g. CISA, CISM, CEH, or other relevant security certifications.


• A minimum of 5 years of working experience in a similar role in a highly computerized environment.


• Experience in implementing Information Security Standards such as ISO 27001, COBIT.


• Understanding of ICT risk and systems security control processes


• Understanding of Information systems Architecture and operational practices


• Appreciation of Audit Methodologies.


• Experienced in Windows Enterprise servers or UNIX systems.


• Experience working in the IT function within a banking environment will be an advantage.


• Knowledge of cybersecurity good practices (Identity and Access Management, Data Protection, Penetration Testing, etc.)

The post ICT Risk Officer at Co-operative Bank of Kenya appeared first on Jobs in Kenya - http://jobcenterkenya.com/.

https://jobcenterkenya.com/ict-risk-officer-at-co-operative-bank-of-kenya/