Jobs in Kenya - ICT Risk Manager
04:27Description
ICT RISK MANAGER
Are you looking for an employer who promotes individual excellence and mutual respect in a team-driven culture with a key focus on social empowerment? The Co-operative Bank of Kenya, “The Kingdom bank” is the place for those looking to new horizons. If you can easily identify and assess threats, put plans in place for ‘if things go wrong’ and decide how to avoid, reduce or transfer risks in an IT environment then this is the perfect career move for you.
Are you looking for an employer who promotes individual excellence and mutual respect in a team-driven culture with a key focus on social empowerment? The Co-operative Bank of Kenya, “The Kingdom bank” is the place for those looking to new horizons. If you can easily identify and assess threats, put plans in place for ‘if things go wrong’ and decide how to avoid, reduce or transfer risks in an IT environment then this is the perfect career move for you.
We have an exciting opportunity for an ICT Risk Manager to join our ICT Risk & Control team. Reporting to the Head – ICT Risk & Control, the role holder will be responsible for providing continuous independent assurance on the bank’s Information Security with regards to confidentiality, integrity and availability of the IT infrastructure, processing systems and related resources in line with the Bank’s Information Security Policy.
The Role
Specifically, the successful jobholder will be required to:
- Implement and evaluate technology controls for Core Banking systems, Database management systems, application systems and network infrastructure.
- Conduct application risk assessments including privacy vendor reviews and web applications vulnerability reviews.
- Continuously review system logs at all levels i.e. routers, switches, firewalls, systems and applications to detect any anomalies and remediate them.
- Perform network security monitoring and reporting including patch management, version management, anti-virus, windows security, password violations, Virtual Private Network (VPN) and other exception monitoring.
- Actively review database logs and audit trails then report daily.
- Pro-actively enforce and plan to ensure all noted risks are mitigated and potential threats addressed immediately.
- Be involved in providing forensic data to all reviewers i.e. investigators, analysts etc.
- Ensure all systems interfaces are secured from any intrusion and all users’ activities are logged, detailed and are traceable.
- Provide guidance on all system deployment, upgrades and changes.
- Review all security-related issues logged by users and analyse trends as relates to systems security management as well as manage all external parties’ access to bank infrastructure and systems and have detective measures in place to monitor any intrusion.
- Pro-actively and comprehensively provide guidance on tools required to effectively manage and control bank systems environment.
- Ensure all sensitive and confidential bank information is protected and infrastructure network LAN / WAN are secure from any intrusion.
- Provide and analyse departmental self-assessment reports on all systems controls to assist in focused controls.
- Attend relevant training on emerging trends and practices within the Information Security field and network with the relevant associations so as to keep abreast with industry trends and to achieve world-class information security practices.
0 comments