Senior Cybersecurity Officer at Caritas MFB

Caritas MFB

Kenya
Permanent
Full-time

1 month ago

Caritas Microfinance Bank is a licensed microfinance bank regulated by Central Bank of Kenya. Caritas MFB offers a full range of innovative and customized financial services with a special focus on the unbanked and underbanked. Its headquarters are located in the Nairobi CBD. Caritas MFB was formed to provide affordable, innovative and customized financia…Senior Cybersecurity OfficerThe Senior Cybersecurity Officer is a key leadership position responsible for ensuring the security and integrity of the bank's digital infrastructure. The role involves designing, implementing, and managing advanced cybersecurity measures to protect against internal and external threats, ensuring compliance with industry regulations, and driving the continuous improvement of the bank's security posture. The ideal candidate will have a deep understanding of the latest cybersecurity technologies, frameworks, and practices, coupled with strong analytical and leadership skills.KEY RESPONSIBILITIES

Develop and implement the bank's cybersecurity strategy in alignment with business objectives and regulatory requirements.
Lead and mentor the cybersecurity team to build a high-performing and responsive security function.
Monitor access to all bank systems and maintains access control profiles on computer network and systems. Track documentation of access authorizations to all resources.
Develop and/or maintain appropriate Segregation of Duties within and across all banking applications.
Develop and manage the Information Security risk management strategy, framework, guideline and approach for the bank's systems and infrastructure landscape.
Research and investigate measures that address data security risks and potential losses for reporting purposes.
Install, modify, enhance, and maintain data system security software.
Work on determining acceptable risk levels for the bank and ensuring the IT environments are adequately protected from potential risks and threats.
Participate in development and implementation of the appropriate and effective controls to mitigate identified threats and risks.
Conduct regular assessments of the cybersecurity program and recommend enhancements to senior management.
Monitor, identify, and respond to cybersecurity threats and vulnerabilities across the bank's systems, networks, and applications.
Develop and maintain an effective incident response plan, including coordinating investigations and reporting on security incidents.
Conduct root cause analyses for security breaches and implement measures to prevent recurrence.
Ensure compliance with all relevant regulatory requirements, including GDPR, PCI DSS, and local banking security standards.
Conduct regular cybersecurity risk assessments and audits, providing recommendations for risk mitigation.
Liaise with regulatory bodies, auditors, and other stakeholders on matters related to cybersecurity.
Oversee the implementation of security tools, including firewalls, intrusion detection systems (IDS), endpoint protection, and data loss prevention (DLP) solutions.
Ensure the secure configuration and patching of all IT systems and applications.
Develop and enforce security policies, standards, and guidelines.
Drive cybersecurity awareness programs for employees, and third-party partners.
Conduct regular training sessions to ensure employees understand their role in maintaining the bank's security.
Installation, configuration and upgrading of MS SQL server software and related products.
Provide 7×24 ICT support
Stay updated on the latest cybersecurity trends, technologies, and threat intelligence.
Recommend and implement innovative solutions to enhance the bank's security posture.
To perform any other duty as assigned in line with the organization goals and objective.

QUALIFICATION AND EXPERIENCE REQUIREMENTS

Bachelor's degree in computer science, Information Technology, or related discipline
Minimum 4 years in Information Technology with 3 years of Information and Cybersecurity relevant experience
Information security certifications preferred: CISSP, CISM, CISA or Equivalent (Note - If not certified, willing to obtain the CISO approved IS/Cyber certification(s) in the first year of employment)
Strong knowledge of Information Security concepts including, but not limited to, Audit
Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data
Protection, Secure SDLC, Incident Management, Vulnerability Assessment, Third Party
IS Assessment, Secure Configurations, Patch Management, etc.
Thorough understanding of fundamental security related frameworks and network concepts
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations will be an added advantage
Ability to communicate effectively at different levels of the organization, and with various technical and business audiences.
Excellent problem-solving abilities and analytical skills. Ability to see the big picture with high attention to critical details.
Results oriented, can achieve desired outcomes independently and at appropriate priority levels

Don't Keep Share!:

Jobs in Kenya

Apply Now