Monday 1 November 2021

IT Risk And Security Manager at KEMRI Wellcome Trust Research Programme (KWTRP)

The KEMRI Wellcome Trust Research Programme (KWTRP) is based within the KEMRI Centre for Geographic Medical Research – (Coast). Our core activities are funded by the Wellcome Trust. We conduct integrated epidemiological, social, laboratory and clinical research in parallel, with results feeding into local and international health policy. Our research platforms include state-of-the-art laboratories, a demographic surveillance system covering a quarter of a million residents, partnership with Kilifi County Hospital in health care and hospital surveillance, a clinical trials facility, a vibrant community engagement programme and a dedicated training facility. The KWTRP leadership includes the Executive Director Philip Bejon, the KEMRI Centre Director Benjamin Tsofa, the Ag. Nairobi Programme director Mike English and the Chief Operating Officer Catherine Kenyatta. Our Vision to establish long term sustainable capacity for research in human health that improves global health. Our Mission to deliver high quality research relevant to global health and to build local capacity for undertaking research. Aims of the programme •To conduct research to the highest international scientific and ethical standards on the major causes of morbidity and mortality in the region in order to provide the evidence base to improve health. •To train an internationally competitive cadre of Kenyan and African research leaders to ensure the long term development of health research in AfricaReference Number: ITRSM-25102021

JOB PURPOSE: 

To manage the Programme’s IT Security Function. The Information Security Manager serves as the process owner for all ongoing activities that provides appropriate access to systems and protect the confidentiality, integrity and availability of information in the organisation.

REPORTING LINES:

  1. Head of ICT
  2. IT Security Team

BUDGET RESPONSIBILITY: 

  1. Influences the management of resources in order to plan, estimate and carry out IT Security function to deliver work on time, within budget and implement quality targets in accordance with appropriate standards.

KEY RESPONSIBILITIES:

  1. Ensures KWTRP is least exposed to fraud Losses by implementing technology prevention and detection measures.
  2. Maintains the data protection process and ensures effective data loss prevention measures and controls are implemented in the organisation.
  3. Advises on Information Security tools and methods necessary to support the KWTRP’s Information Security Strategy.
  4. Maintains and enforces the system risk management and Information security risk management framework/methodology.
  5. Monitors and records IT vulnerability risk register in compliance with the Security Standards, Policies and Architecture.
  6. Identifies and analyses system vulnerabilities to manage and mitigate risks and use forensic technology to assist in any breach investigation.
  7. Performs system risk assessment and gap analysis for all technologies, products, services, departments, and vendors.
  8. Establishes, reviews, and verifies the system risk and Information security risk related policies, standards and procedures documentation.
  9. Implements the IT Security governance structure, Information Security Policy and Standards in line with minimum baseline security Standards and industry best practices and regulations.
  10. Promotes and continuously improves Information Security posture of the organization.
  11. Communicates with management to ensure support for the information security program.
  12. Formulates and reports appropriate Technology Security metrics to management.
  13. Work with Service desk to create an enterprise-wide Information Security education and awareness campaign.

REQUIREMENTS

QUALIFICATIONS:

  1. A Bachelor of Science in Computing or related degree from a recognised University.
  2. Possession of MBA or M.Sc. in Computing or related field is an added advantage.
  3. Must possess at least one internationally recognizable IT security certification such as CISM, CISSP, CISA, CASP, MCSE CEH or Security+. Having more than one certification is an added advantage.
  4. A minimum of 7 years’ experience in Information Technology, 3 of which must be in Senior IT Security Management with hands on experience in:
  5. IT Security governance
  6. Cloud IT Security management
  7. Software / application and security architectures
  8. IPS and vulnerability Testing tools
  9. Active Directory management
  10. Good understanding of endpoint solutions
  11. An understanding of the perimeter security solutions.
  12. IT Security on O365, operating systems and databases in an heterogenous environment (UNIX, Microsoft, Oracle, SQL, Open source).
  13. Wide knowledge of web security architecture.
  14. Knowledge and skills on encryption, VPN

DESIRABLE:

  1. Excellent verbal and written communication skills with technical and non-technical staff, end-users, and senior management.
  2. Strong teamwork skills to maintain strong working relationships, within and outside IT to develop a results-oriented work environment.
  3. Excellent follow-up skills to see tasks through to resolution and communicate problem status to end users such as notification of completion, notification of delay, and explaining rationale.
  4. Excellent analytical solving skills.
  5. Excellent organizational skills, prioritizing and managing multiple tasks.
  6. Offer and accept feedback and constructive suggestions.
  7. Good logical diagnostic skills and ability to exercise good judgement in the resolution of problems.
  8. Ability to multi-task in dealing with several different problems at a time.
  9. Ability to work under high pressure, meet deadlines, monitor and follow-up on pending matters under minimum supervision.

COMPETENCIES

  1. Demonstrated high levels of confidentiality and integrity .
  2. Excellent interpersonal, written, presentation and communication skills
  3. Excellent analytical, problem-solving and critical thinking skills.
  4. Strong Management, leadership and decision-making skills .
  5. Ability to build strong and effective teams.
  6. Ability to delegate and motivate teams

The post IT Risk And Security Manager at KEMRI Wellcome Trust Research Programme (KWTRP) appeared first on Jobs in Kenya - http://jobwebkenya.com/.



The post IT Risk And Security Manager at KEMRI Wellcome Trust Research Programme (KWTRP) is republished from Jobs – Jobs in Kenya – http://jobwebkenya.com/