KRA – Manager – Information Systems Security.

Department: Corporate Support Services

Division:       Information and Communication Technology

Location / Work Station:  Nairobi

Job Summary:      

• This role is responsible for formulating and implementing best practice strategies to manage information security and cyber risks in the Authority.

Key Responsibilities:       

• Formulate information security strategies to manage information and cyber risks hence protecting revenue and KRA reputation
• Coordinate the development and implementation of the KRA information security policies
• Coordinate the implementation and maintenance of Information Security Management System (ISMS) based on ISO27001 and best practice.
• Coordinate monitoring and surveillance of KRA IT resources to detect and deter cyber attacks
• Ensure confidentiality, integrity and availability of information as well as ensure non- repudiation of electronic transactions in the Authority.
• Oversee the design, acquisition, implementation and operation of information security tools for the protection of KRA information
• Coordinate the design, implementation and review of information security controls in systems, infrastructure and processes to protect KRA information and revenue.
• Provide information security advisories on acquisition and implementation of technology and third party integrations involving/requiring information exchange.
• Oversee development and implementation information security awareness programme across the organization.
• Provide support to relevant departments in information security investigative incidences.
• Day-to-day operations, supervision, management of performance and development of staff in the unit

Academic Qualifications         

• A Bachelor’s Degree in Computer Science or related field from a recognized institution.

Professional Qualifications       

• Must have at least two of the following security certifications in CEH/CHFI/ECIH/CISSP/ISO 27001 or in relevant  information security solutions certification

Relevant Work Experience        

• Minimum of five (5) years’ relevant work experience, with at least two (2) years’ experience at entry-level management or a similar role in a large or busy organization.

Technical Skills Required

• Experience in information security solution design or Strategy development
• Knowledge in IT risk management
• Knowledge in Vulnerability Management
• Knowledge in Data protection
• Experience in the Information Security management System (ISMS)
• Experience in cyber security threat Analysis or incident management
• Experience in Project Management

Managerial Competencies        

• Leadership and people management skills
• Good decision-making capabilities
• Good planning and organizational skills
• Excellent communication and presentation skills
• Good negotiation, delegation and interpersonal skills
• Professional networking
• Resilient, focused and results-oriented

Note:

1. All applications from interested and qualified candidates must be submitted online via the process below.
2. ONLY shortlisted candidates will be contacted.
3. All applications should be submitted online by 7th May  2021.
4. KRA is an equal opportunity employer committed to gender and disability mainstreaming. Persons with Disability are encouraged to apply.
5. KRA does not charge for application, processing, interviewing or any other fee in connection with our recruitment process.