Thursday, 18 November 2021

Ass. Manager, Information Security at Gulf African Bank

The genesis of Gulf African Bank (GAB) can be traced back to 2005, when a group of motivated Kenyans envisioned establishing an Islamic bank as an alternative to conventional banking in the country. By conducting business on the principles of Shari’ah, the bank would provide an ethical and fair mode of banking for all. Gulf African Bank is the first and largest Islamic Bank in Kenya and one of the fastest growing banks in the history of the banking sector of the country. The bank offers fully Shari’ah compliant products and services that address the needs of not just Muslims, but everyone in the country including individuals, corporate companies, and institutions. The bank was incorporated on August 9th, 2006 and started operations as a commercial bank in January 8th 2008, in a historic event, where it was granted the country’s first fully-fledged commercial banking license as a dedicated Islamic bank, by the Central Bank of Kenya.

Reports To: Senior Manager, Information Security

Job Purpose:

The jobholder is responsible for providing continuous independent assurance on the Bank’s information security as regards confidentiality, integrity and availability of the IT infrastructure, processing systems and related resources in line with the Information Security Policy.

Key Responsibilities

  • To monitor, maintain and protect the Bank’s networks, systems and assets for malicious activity using technologies such as Security Incident and Event Management (SIEM) and IDS systems.
  • To respond rapidly and effectively to cyber security incidents, managing them in a professional manor, including performing forensics for evidence gathering and preservation.
  • Identify, troubleshoot, diagnose, resolve and report the Bank’s security incidents; help coordinate and conduct investigations of suspected breaches
  • Support the unit in report preparation and incident documentation and subsequent follow-ups for closure.
  • Ensure information security solutions are consistent with the Information Security Policies &Standards and corporate architectural directions/directives and oversee deployment.
  • To carry out technical vulnerability assessments of IT systems to identify potential vulnerabilities, make recommendations to control identified risks and work with those individuals to ensure they are implemented
  • Conduct independent review of technology related procedures and/or product programs to ensure that the appropriate infrastructure is incorporated into the different business initiatives and that the Bank’s technology policies are respected.
  • Carry out Information security reviews along the various phases of projects lifecycles as detailed in the Bank’s project management framework.
  • Develop and maintain the Bank’s information Security policy, framework, and Governance structure in line with best practice and CBK regulations.
  • Lead business in development of corrective action plans as a result of gap assessment findings, and/or technical security assessment results.
  • Be aware of application, product and system development within the business and appraise the effect and appropriateness of planned changes to the existing control framework.
  • Review and Test the resilience and preparedness levels attributed to the Bank’s Business Continuity Plan and Disaster Recovery Plan.
  • Conduct Vendor Risk Management of the bank’s outsourced ICT services
  • Stay up-to-date on information technology trends and security standards.
  • Improve the Bank’s cyber security culture through conducting regular awareness trainings to all staff. This includes threat intelligence monitoring from the industry and related trends.

Requirements

Qualifications:

  • Bachelor’s degree in Information Technology or a Business related field.
  • Certified Information Systems Auditor certification (Preferred).
  • Certified Information Security Manager certification(Required)
  • Certified Information Systems Security Professional (Preferred)

Experience:

  • A minimum of 3 years banking experience in information technology control or related field within a large and highly computerized environment.
  • A minimum of 3 years’ experience in managing a Security Operations Team

Personal Attributes

  • Understanding of risk and systems security control processes.
  •  understanding of Information Security and control objectives.
  • Customer Service Skills.
  • Demonstrate leadership ability capacity.
  • Superior communication and inter-personal skills, including sound report writing and presentation skills.
  • Effective planning, organizing and problem solving skills.
  • Initiative and self-drive.
  • Able to work under minimal supervision.

The post Ass. Manager, Information Security at Gulf African Bank appeared first on Jobs in Kenya - http://jobwebkenya.com/.



The post Ass. Manager, Information Security at Gulf African Bank is republished from Jobs – Jobs in Kenya – http://jobwebkenya.com/