Information Risk Manager

Posted Yesterday
Be an Early Applicant
Hiring Remotely in Kenya
Remote
Senior level
Fintech • Software • Financial Services
The Role
Lead a team to review projects and controls across lifecycle phases, develop and implement risk policies and standards, manage incidents, ensure disaster recovery and business continuity, recommend security enhancements, support audits and remediation, and present risk findings to senior management.
Summary Generated by Built In

KEY RESPONSIBILITIES: MUST NOT BE MORE THAN 10

  1. Carry out reviews along the various phases of a project’s lifecycle as detailed in the bank’s Project Management framework to ensure that all delivered systems comply;

  2. Provide guidance in resolving IS audit findings and lead the development of reports and corrective action plans;

  3. Provide guidance for the Resumption and Recovery of time sensitive business operations in accordance with pre-established timeframes as well as ensuring that adequate plans are in place for the less time sensitive business operations;

  4. Develop and implement Risk Management Policies, procedure, standards and guidelines based on best practice benchmarking COBIT, ISO/IEC 270001, NIST, ITIL and other relevant standards;

  5. Review and recommend appropriate security enhancement  of our network by evaluating network design and ensure implementation of effective firewall security policies;

  6. Manage incidents and complaints about ICT Services;

  7. In liaison with IT ensure effective change management process is in place;

  8. Review and evaluate system backup and disaster recovery standards for the bank, follow up on the implementation and provide support to ICT Department to ensure quick recovery in the event of disaster;

  9. Reviewing the Business Continuity Programme for effectiveness and completeness and recommend appropriate action;

  10. Reviewing  System Security Configurations for effectiveness and recommend appropriate settings;


MINIMUM POSITION QUALIFICATION REQUIREMENTS

  1. Academic & Professional
ParticularsDetailSpecific Field or QualificationNeed Type[1]Education Bachelors DegreeBSc (Computer Science) or related field; BBIT; Information Systems

RQ

Professional QualificationsCISSP, CISA, CISM, CRISC

RQ

Masters DegreeAdded advantage

AA


  1. Experience

Total Minimum No of Years Experience Required



4


Detail

Minimum No of Years

Need Type[2]

Information security

4

ES

Systems audit

3

ES

Forensics

1

DE

Operations risk

2

ES

Change and project management

2

DE


[1] Need Types are : RQ = Required, AA = Added Advantage


[2] Need Types are: ES = Essential, DE = Desirable but not Essential

Responsibilities
  • Lead and mentor a team of Information Risk Managers and Analysts, fostering a collaborative and high-performing environment.
  • Conduct comprehensive reviews and provide independent assurance on projects, cybersecurity, and governance initiatives.
  • Offer objective and insightful recommendations to enhance the bank's information systems and ICT infrastructure.
  • Ensure the bank's data and systems are secure and compliant with industry standards and regulations.
  • Stay updated with emerging technologies and trends, identifying potential risks and opportunities for the bank.
  • Collaborate with various departments to understand their information risk needs and provide tailored solutions.
  • Develop and implement risk assessment frameworks and methodologies to identify and mitigate potential risks.
  • Prepare and present risk reports to senior management, offering clear and actionable insights.
  • Build and maintain strong relationships with internal stakeholders and external partners to ensure effective risk management.
  • Stay informed about industry best practices and contribute to the bank's overall risk management strategy.
Qualifications
  • Bachelor's degree in Computer Science, Information Technology, or a related field, with a Master's degree preferred.
  • Minimum of 8 years of experience in information risk management, with a proven track record of leading teams.
  • Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) certification is an advantage.
  • Strong knowledge of information security principles, risk assessment methodologies, and industry standards.
  • Excellent leadership and mentoring skills, with the ability to inspire and develop a high-performing team.
  • Analytical mindset with a problem-solving approach, able to identify risks and propose effective solutions.
  • Effective communication skills, both written and verbal, to present complex information to diverse audiences.
  • Ability to work independently and manage multiple projects simultaneously, ensuring timely delivery.
  • Strong interpersonal skills to build relationships and collaborate with stakeholders at all levels.
  • A proactive and innovative mindset, constantly seeking opportunities to enhance the bank's information risk management practices.

Skills Required

  • Bachelor's degree in Computer Science, Information Technology, Information Systems, or related field
  • Master's degree (preferred)
  • Professional certifications: CISSP, CISA, CISM, CRISC
  • Minimum of 8 years' experience in information risk management
  • Information security experience (minimum 4 years, essential)
  • Systems audit experience (minimum 3 years, essential)
  • Operations risk experience (minimum 2 years, essential)
  • Change and project management experience (minimum 2 years, desirable)
  • Digital forensics experience (minimum 1 year, desirable)
  • Proven track record of leading and mentoring information risk/security teams
  • Knowledge and application of cybersecurity frameworks and standards (COBIT, ISO/IEC 27001, NIST, ITIL)
  • Experience developing risk management policies, procedures, standards and guidelines
Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Nairobi, Kenya
6,751 Employees
Year Founded: 1896

What We Do

KCB Group, is the largest financial services organization in East Africa in terms of asset size. The Group's headquarters are located in Nairobi, Kenya, with subsidiaries in Kenya, Rwanda, Southern Sudan, Tanzania, Uganda and Burundi. In 2015, KCB Group opened a representative office in Ethiopia, expanding the growth of the organization. The Bank is over 124 years old having started in Mombasa in 1896. KCB Group has over 354 branches, 26,394 Agents/POS Merchants and 1,103 ATMs. The bank also offers Mobile Banking though the KCB App, Internet Banking and Diaspora Banking Services platform that can be accessed 24/7 basis. The Bank services over 26.8 million customers across the region. KCB Group is the largest financial services organization in East Africa, with an estimated asset base of approximately Ksh. 1.02 trillion as at the of end H1 2021.

Similar Jobs

KCB Bank Group Logo KCB Bank Group

Senior Manager, Information Risk

Fintech • Software • Financial Services
Remote
Kenya
6751 Employees

Athena (athena.com) Logo Athena (athena.com)

Manager, Operations

Software • Business Intelligence • Consulting
Remote
Nairobi, KEN
4471 Employees

Teltonika IoT Group Logo Teltonika IoT Group

Sales Representative

Hardware • Information Technology • Internet of Things • Industrial
Remote
Nairobi, KEN
2500 Employees

Teltonika IoT Group Logo Teltonika IoT Group

Business Development Representative

Hardware • Information Technology • Internet of Things • Industrial
Remote
Nairobi, KEN
2500 Employees

Similar Companies Hiring

Hanover Park Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
42 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account