MANAGER, RISK ASSESSMENTS

Reporting to the Head, Information Risk, the job holder will be responsible for monitoring, evaluation and reporting of IT related risks including risk assessments, ensure that subsidiaries meet KCB Group standards and anticipate potential threats and vulnerabilities to enable the bank take advantage of emerging technologies.

Responsibilities

• Conduct scheduled IT risk assessment to ensure all risks have been identified have been, brought to the attention of management and appropriate control measures implemented to mitigate risk;
• Coordinate self-assessments, gap assessments, risk acceptance and other control related efforts with the business, controls and compliance functions;
• Provide information risk consultation and guidance during system, application development and e-product development to assure that security concerns are fully addressed in the process;
• Conduct operating systems, application security including web application and database security risk assessment  and report findings to management;
• Conduct logical and physical access control risk assessment to ensure systems security is not compromised;
• Be involved in scheduled penetration testing to uncover any loopholes in the bank’s network;
• Review and accredit newly developed systems before deployment in live environment;
• Proactively anticipate potential threats and vulnerabilities and provide guidance in coordination with IT department on effective responses or control measures;

The Person

• A University degree from an institution recognized by Commission for University Education in a relevant field in Information Technology or Computer Science.
• Must be Certified in one or more of the following; CISSP, CISA, CISM, CRISC
• Masters degree will be an added advantage.
• At least three (4) years working experience in Information Security and Operations Risk.
• Experience in Change & Project Management.
• Experience in Systems Audit & Forensics will be an added advantage.
• Demonstrate high integrity.
• Good data analytical skills, both financial and non-financial.
• Training in Risk management.
• Good communication, planning and organization skill.

The above position is demanding for which the bank will provide a competitive package for the successful candidates.  If you believe you can clearly demonstrate your abilities to meet the criteria given above, please submit your application with a detailed CV, stating your current position, remuneration level e-mail and telephone contacts quoting the job title/reference in the subject field to recruitment@kcb.co.ke

To be considered your application must be received by Nov. 14, 2014.

Only short listed candidates will be contacted.

JOB REF: RISK 06/2014