Job career at Co-operative Bank in Kenya 2013
We are looking for dynamic, creative and self oriented professional to fill the position of:
IT Risk and Controls Manager
The successful person will report to the Head ICT Risk & Control Department.
As an IT Risk and Controls Manager the role holder will be responsible for providing continuous independent assurance on the bank’s Information Security as regards confidentiality, integrity and availability of the IT infrastructure, processing systems and related resources in line with the Information Security Policy.
- Implementation and evaluation of technology controls for Core systems, Database management systems, application systems and network infrastructure.
- Manage internal audits on information security processes, controls and systems.
- Provide guidance and consultation on projects for IT Security related risks and issues.
- Educate and train employees about their information security responsibilities in line with the Bank policy on information security
- Monitoring and managing all information security breaches and handling security incidents, taking remedial action to prevent recurrence wherever possible.
- Review of operating and information systems.
- Development of/involvement in independent review of technology related procedures, product programs to ensure that the appropriate infrastructure is incorporated into the different business initiatives and the bank technology policies are respected.
- Review of all relevant system logs to identify and address activity that is not consistent with set out Information Security guidelines and standards.
- Carry out Information Security reviews along the various phases of a project’s lifecycle as detailed in the Bank’s Project Management framework.
- Carry out business continuity related checks for IT systems in primary and disaster recovery sites.
- Provide interpretation of the Information Security policies to the Business.
- Lead businesses in development of action plans as a result of gap assessment findings, and/or ethical hacking results.
- Keep abreast of application, product and system development within the business and appraise the effect and appropriateness of planned changes to the existing control framework.
- Bachelor’s degree in Computer Science or Information Systems from a recognized university
- Possess relevant Information Security Certification such as CISSP, CISA / CISM, ISO/IEC 27001.
- 3 years working experience in information security within a large and highly computerised organization. Prior working experience in a Bank will be an added advantage.
- Understanding of risk and systems security control processes.
- Good understanding of CAAT’s (Computer assisted audited tools).
- Poses knowledge on cryptography and encryption solutions.
- Understanding of end point security on IEEE 802.1x standards.
- Good understanding of PCI-DSS and ISO27001 standards.
We are an equal opportunity employer.
Please quote this reference on your application and on the envelope: IT RISK AND CONTROL MANAGER – ISO/3/HRD/2013.
Human Resources Division
Co-operative Bank of Kenya Ltd.
P.O. Box 48231-00100