INFORMATION RISK MANAGER, PROJECTS & DISASTER RECOVERY

Reporting to the Head, Information Risk, the job holder will be responsible for monitoring, evaluation and reporting of IT related risks as related to projects, information security, business continuity and disaster recovery, risk management policies and standards of KCB Group

Responsibilities

• Develop, implement, and monitor a strategic, comprehensive enterprise information risk program to ensure the completeness, comprehensiveness and integrity of information owned, controlled, or processed by KCB.
• Carry out reviews along the various phases of a project's lifecycle as detailed in the bank's Project Management framework to ensure that all delivered systems comply;
• Provide guidance in resolving IS audit findings and lead the development of reports and corrective action plans;
• Provide guidance for the Resumption and Recovery of time sensitive business operations in accordance with pre-established timeframes as well as ensuring that adequate plans are in place for the less time sensitive business operations;
• Develop and implement Risk Management Policies, procedure, standards and guidelines based on best practice and oversee training and dissemination of security policies and practices.
• Review and recommend appropriate security enhancement  of our network by evaluating network design and ensure implementation of effective firewall security policies;
• Manage incidents and complaints about ICT Services, in liaison with IT ensure effective change management process is in place;
• Carry out reviews to ensure comprehensive Business Continuity Management (BCM) Testing & Business Impact Analysis (BIA)/Plans
• Ensure that the implementation Out of Country Disaster Recovery site meets the bank's standards
• Review and evaluate system backup and disaster recovery standards for the bank, follow up on the implementation and provide support to ICT Department to ensure quick recovery in the event of disaster;
• Review the Business Continuity Programme for effectiveness and completeness and recommend appropriate action;
• Review  System Security Configurations for effectiveness and recommend appropriate  settings;

The Person

• A University degree from an institution recognized by Commission for University Education in a relevant field in Information Technology or Computer Science.
• Must be Certified in one or more of the following; CISSP, CISA, CISM, CRISC
• Masters degree will be an added advantage.
• At least three (5) years working experience in Information Security and Operations Risk.
• Experience in Change & Project Management.
• Experience in Systems Audit & Forensics will be an added advantage.
• Demonstrate high integrity.
• Good data analytical skills, both financial and non-financial.
• Training in Risk management.
• Good communication, planning and organization skill.

The above position is demanding for which the bank will provide a competitive package for the successful candidates.  If you believe you can clearly demonstrate your abilities to meet the criteria given above, please submit your application with a detailed CV, stating your current position, remuneration level e-mail and telephone contacts quoting the job title/reference in the subject field to recruitment@kcb.co.ke

To be considered your application must be received by Nov. 14, 2014.

Only short listed candidates will be contacted.

JOB REF: RISK 07/2014