Job Description
Job Description
Senior Officer; Cyber Security Governance, Risk and Control - (21000606)
DESCRIPTION
We are pleased to announce the following vacancy in the Cyber Security Department within the Corporate Security division. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below:
Reporting to the Senior Manager - Cyber Security Governance, Risk and Control, the successful candidate will be responsible for ensuring that the organization’s cyber security risks are under explicit management control and as well coordinate strategic integration of cyber security programs within Safaricom. He or she will be part of the team that drives compliance to internal and global cyber security related policies and standards, Vodafone Cyber Security Baseline controls and applicable Kenyan laws and regulations.
Key Responsibilities:
Continually review and update security policies, standards and guidelines in response to the ever-changing cyber threats in coordination with Enterprise Risk Management team.
Monitor and drive compliance to internal and global cyber security related policies and standards, Cyber Security Baseline benchmarking controls and applicable Kenyan laws and regulations.
Coordinate stakeholders to deliver on targets or agreed business outcomes.
Coordinate periodic independent assurance of critical products and services.
Coordinating implementation of recommendations from independent assessments.
Conduct cyber risk assessments to determine cyber risk profile and define treatment plans.
Recommend cyber security services improvement plans.
Coordinate projects handover process within the cyber security functions.
Continually review, implementation and improvements of the user access governance process.
Coordinate periodic cyber security knowledge transfer, awareness sessions and phishing simulations to staff in line with strategy.
Support implementation of the Managed Security Services strategy and roadmap.
Participate actively in cyber security events and trade shows, reporting and presentations.
Communications, reporting and presentations skills.
QUALIFICATIONS
Bachelor’s Degree in Electrical Eng./Computer Science/ Information Technology (or equivalent) from a recognized university.
At least one professional Certification: CISM/CISA/CISSP/CEH/CCNA/CCNP(Security)
At least 2+ years proven experience with Cyber Security related Standards (ISO 27001, PCI-DSS, etc.).
Proven experience with GDPR, Kenyan Data Protection laws, CBK guidelines on Cyber Security amongst others.
At least 2+ years of hands on experience in managing Cyber Security technologies and operations.
Analytical and problem-solving skills are required.
Good report writing and communication skills.
Analytical Thinking.
Customer focused.
Proven experience in coordinating teams and managing stakeholders.
Note to Applicants
As part of the interview process, external candidates should prepare the following documentation which will be required as soft copies at a later stage based on your performance in the interviews/assessments.
a) An updated CV with contacts of three referees, 2 who must be professional and must have supervised you at some point, the other referee can be a colleague in the same professional field.
b) Kenyan Certificate of Good Conduct (Less than 1 year old) or a receipt of the same from the CID pending release of the hardcopy document.
c) Clearance certificate from a reputable Credit Reference Bureau (CRB).
d) University Diploma/Degree Certificate/ Letter of completion from University in case you have not received your diploma/degree certificate.
e) National ID/Passport.
Persons with Disabilities (PwD) and Female candidates are highly encouraged to apply