![Inkomoko](https://carrierwave.fuzu.com/employers/c1465817-c5f4-4a9a-855b-5f32e707f5e5.jpg)
Senior Information Security Officer
4 weeks ago
About the Opportunity
The Senior Information Security Officer (SISO) will be responsible for ensuring the security and integrity of an organization's information and technology systems.
The Senior Information Security Officer plays a crucial role in safeguarding an organization's information assets and ensuring the confidentiality, integrity, and availability of sensitive data.
The successful candidate will be reporting to the IT Director with a dotted line to the Senior IT Infrastructure and Systems Administrator.
Information Security Strategy and Governance:
Develop and implement an organization-wide information security strategy aligned with business objectives.
Establish and maintain information security policies, standards, and procedures.
Provide guidance and direction to senior management on information security matters.
Chair the Information Security Steering Committee or equivalent governance body.
Risk Management and Compliance:
Identify, assess, and prioritize information security risks.
Develop and implement risk mitigation strategies and controls.
Ensure compliance with relevant laws, regulations, and industry standards (e.g., Local DPA, GDPR, ISO 27001, SOC1 & SOC2).
Conduct regular security assessments and audits to assess compliance and identify areas for improvement.
Security Operations:
Oversee the operation of security controls and technologies, including firewalls, intrusion detection/prevention systems, and endpoint protection.
Monitor and analyze security alerts and incidents, leading incident response and investigation efforts.
Coordinate with internal teams and external partners to remediate security vulnerabilities and threats.
Security Awareness and Training:
Develop and deliver information security awareness programs for employees, contractors, and third-party vendors.
Provide training on security policies, procedures, and best practices to promote a culture of security awareness and compliance.
Security Architecture and Engineering:
Collaborate with IT teams to design and implement secure systems and networks.
Review and approve system architecture and design changes to ensure alignment with security requirements.
Evaluate and recommend security technologies and solutions to enhance the organization's security posture.
Incident Response and Business Continuity:
Develop and maintain an incident response plan and business continuity/disaster recovery plan.
Lead the response to security incidents, coordinating with internal teams and external stakeholders.
Conduct post-incident reviews and implement lessons learned to improve incident response capabilities.
Vendor and Third-Party Risk Management:
Assess and manage security risks associated with third-party vendors and service providers.
Establish security requirements for vendor contracts and agreements.
Monitor vendor compliance with security requirements and conduct periodic reviews and audits.
Other IT Infrastructure Duties:
The role holder should expect to support any other IT duties as allocated by the IT Director and the Sr IT Infrastructure and System Admin.
Continuous Improvement:
Monitor the effectiveness of security controls and processes and recommend improvements.
Stay informed about the evolving threat landscape and adjust security strategies accordingly.
Requirements
Minimum Qualifications
Bachelor's degree in Computer Science, Information Security, or a related field. Advanced degree and professional certification (CompTia S+, CISSP, CISM, CISA, CISO) is preferred.
5-7 years of experience in information security, with a proven track record of progressively increasing responsibility and leadership.
In-depth knowledge of information security principles, practices, technologies, and standards.
Strong understanding of regulatory requirements and industry best practices related to information security (e.g., Local DPA, GDPR, ISO 27001, SOC1 & SOC2).
Proficiency in security tools and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, encryption, SIEM (Security Information and Event Management), and DLP (Data Loss Prevention) solutions.
Strong knowledge of emerging cybersecurity threats and trends.Experience leading incident response and managing security incidents.
Excellent communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
Strong analytical and problem-solving skills, with the ability to analyze security risks and develop effective risk mitigation strategies.
Ability to work collaboratively with cross-functional teams and external partners to achieve common security objectives.
What You'll Get
This role is inside a high-growth, mission-driven social enterprise
By joining, you'll access:
Competitive salary, and potential Goal-based bonus
Incredible company culture, including deep investment in your learning and growth
Diverse colleagues and policies that show our commitment to equity and inclusion
Talented, passionate, and committed team colleagues across the region
Ability to make a significant social impact to your community
Generous health insurance, staff savings, parental leave, sabbatical, and more benefits.
-
Information Security Senior Officer at
4 weeks ago
Nairobi, Nairobi Area, Kenya Rainforest Alliance Full timeThe Rainforest Alliance is a growing network of passionate individuals working together to conserve biodiversity and ensure sustainable livelihoods.Our mission is to rebalance the planet by building strong forests and healthy communities worldwide.Position Summary:The Technology department drives the strategic Digital Product Roadmap for Rainforest Alliance,...
-
Information Security Senior Officer at
1 month ago
Nairobi, Nairobi Area, Kenya Rainforest Alliance Full timeThe Rainforest Alliance is a growing network of passionate individuals working together to conserve biodiversity and ensure sustainable livelihoods.Our mission is to rebalance the planet by building strong forests and healthy communities worldwide.Position Summary:The Technology department drives the strategic Digital Product Roadmap for Rainforest Alliance,...
-
Information Security Senior Officer at
2 weeks ago
Nairobi, Nairobi Area, Kenya Rainforest Alliance Full timeThe Rainforest Alliance is a growing network of people who are inspired and committed to working together to achieve our mission of conserving biodiversity and ensuring sustainable livelihoods. Through creative, pragmatic collaboration, we aim to rebalance the planet by building strong forests and healthy communities around the world.Position summary: The...
-
Information Security Senior Officer at
2 weeks ago
Nairobi, Nairobi Area, Kenya Rainforest Alliance Full timeThe Rainforest Alliance is a growing network of people who are inspired and committed to working together to achieve our mission of conserving biodiversity and ensuring sustainable livelihoods. Through creative, pragmatic collaboration, we aim to rebalance the planet by building strong forests and healthy communities around the world.Position summary: The...
-
Senior Officer, Information Security at
4 weeks ago
Nairobi, Nairobi Area, Kenya SBM Bank Full timeSBM Bank Kenya is a leading and trusted financial institution with an international footprint, headquartered in Mauritius and positioned to offer an unprecedented banking experience in Kenya to niche Retail, SME and corporate clientsJOB SUMMARY:Senior Officer, Information Security (Endpoint Security) is responsible for safeguarding the organization's...
-
Senior Officer, Information Security at
2 months ago
Nairobi, Nairobi Area, Kenya SBM Bank Full timeSBM Bank Kenya is a leading and trusted financial institution with an international footprint, headquartered in Mauritius and positioned to offer an unprecedented banking experience in Kenya to niche Retail, SME and corporate clientsJOB SUMMARY:Senior Officer, Information Security (Endpoint Security) is responsible for safeguarding the organization's...
-
Senior Information Security Officer at
2 weeks ago
Nairobi, Nairobi Area, Kenya Communications Authority of Kenya Full timeThe Communications Authority of Kenya is the regulatory authority for the communications sector in Kenya. Established in 1999 by the Kenya Information and Communications Act, 1998, the Authority is responsible for facilitating the development of the Information and Communications sectors including; broadcasting, multimedia, telecommunications, electronic...
-
Senior Information Security Officer at
2 weeks ago
Nairobi, Nairobi Area, Kenya Communications Authority of Kenya Full timeThe Communications Authority of Kenya is the regulatory authority for the communications sector in Kenya. Established in 1999 by the Kenya Information and Communications Act, 1998, the Authority is responsible for facilitating the development of the Information and Communications sectors including; broadcasting, multimedia, telecommunications, electronic...
-
Senior Officer, Information Security
4 weeks ago
Nairobi, Nairobi Area, Kenya SBM Bank Full timeABOUT THE COMPANYNow present in Kenya, SBM Bank (Kenya) Limited reaches out to more customers' needs through its 10 branches in the country, namely 6 in Nairobi and 4 in Mombasa. Through this acquisition, SBM Group now has its footprint on the African continent.SBM, a growing international financial institution in Africa, provides a wide range of corporate...
-
Senior Officer, Information Security
1 month ago
Nairobi, Nairobi Area, Kenya SBM Bank Full timeABOUT THE COMPANYNow present in Kenya, SBM Bank (Kenya) Limited reaches out to more customers' needs through its 10 branches in the country, namely 6 in Nairobi and 4 in Mombasa. Through this acquisition, SBM Group now has its footprint on the African continent.SBM, a growing international financial institution in Africa, provides a wide range of corporate...
-
Nairobi, Nairobi Area, Kenya World Vision Kenya Full timeWorld Vision is an international Christian relief, development and advocacy organisation working in almost 100 countries world-wide to create lasting change in the lives of children, families and communities to overcome poverty and injustice.Key Responsibilities:*This position is open for candidates based in any country where World Vision International is...
-
Nairobi, Nairobi Area, Kenya World Vision Kenya Full timeWorld Vision is an international Christian relief, development and advocacy organisation working in almost 100 countries world-wide to create lasting change in the lives of children, families and communities to overcome poverty and injustice.Key Responsibilities:*This position is open for candidates based in any country where World Vision International is...
-
Nairobi, Nairobi Area, Kenya World Vision Kenya Full timeWorld Vision is an international Christian relief, development and advocacy organisation working in almost 100 countries world-wide to create lasting change in the lives of children, families and communities to overcome poverty and injustice.Key Responsibilities:*This position is open for candidates based in any country where World Vision International is...
-
Information Security Officer at
4 weeks ago
Nairobi, Nairobi Area, Kenya Rainforest Alliance Full timeThe Rainforest Alliance is a growing network of people who are inspired and committed to working together to achieve our mission of conserving biodiversity and ensuring sustainable livelihoods. Through creative, pragmatic collaboration, we aim to rebalance the planet by building strong forests and healthy communities around the world.Position summary: The...
-
Information Security Officer at
1 month ago
Nairobi, Nairobi Area, Kenya Rainforest Alliance Full timeThe Rainforest Alliance is a growing network of people who are inspired and committed to working together to achieve our mission of conserving biodiversity and ensuring sustainable livelihoods. Through creative, pragmatic collaboration, we aim to rebalance the planet by building strong forests and healthy communities around the world.Position summary: The...
-
Senior Information Security Officer
11 hours ago
Nairobi, Nairobi Area, Kenya Communications Authority of Kenya Full timeABOUT THE COMPANYThe Communications Authority of Kenya is the regulatory authority for the communications sector in Kenya.Established in 1999 by the Kenya Information and Communications Act, 1998, the Authority is responsible for facilitating the development of the Information and Communications sectors including; broadcasting, multimedia,...
-
Senior Information Systems Security Office at
1 month ago
Nairobi, Nairobi Area, Kenya Development Bank of Kenya Full timeDevelopment Bank of Kenya Ltd. is a banking company based out of Loita Street, Nairobi, Nairobi, Kenya.Job PurposeThe role is responsible for all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the Bank's information security policies.Key...
-
Senior Information Systems Security Office at
2 weeks ago
Nairobi, Nairobi Area, Kenya Development Bank of Kenya Full timeDevelopment Bank of Kenya Ltd. is a banking company based out of Loita Street, Nairobi, Nairobi, Kenya.Job PurposeThe role is responsible for all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the Bank's information security policies.Key...
-
Senior Information Systems Security Office at
4 weeks ago
Nairobi, Nairobi Area, Kenya Development Bank of Kenya Full timeDevelopment Bank of Kenya Ltd. is a banking company based out of Loita Street, Nairobi, Nairobi, Kenya.Job PurposeThe role is responsible for all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the Bank's information security policies.Key...
-
Senior Information Systems Security Officer
1 month ago
Nairobi, Nairobi Area, Kenya Corporate Staffing Services Full timeIT job opportunities. Job PurposeThe role is responsible for all assurance activities related to the availability, integrity, and confidentiality of customer, business partner, employee, and business information in compliance with the Bank's information security policies.Key Duties and ResponsibilitiesOverseeing and implementing the bank's cyber security...