ICT Risk Officer at United Bank for Africa (UBA) Kenya

• The IT Security Manager is responsible for developing, implementing, and managing the bank’s information security strategy to protect systems, networks, and data. The role ensures alignment with the bank’s risk management framework, regulatory requirements, industry and group best practices.

INFORMATION SECURITY STRATEGY & GOVERNANCE

• Develop and implement the bank’s information security strategy aligned with enterprise risk management.
• Establish security policies, standards, and procedures.
• Ensure compliance with regulatory requirements (e.g., central bank regulations, data protection laws).
• Report on security posture and risks to senior management and risk committees.

RISK MANAGEMENT

• Identify, assess, and mitigate IT and cybersecurity risks.
• Conduct regular risk assessments and vulnerability analyses.
• Integrate IT security into the bank’s overall risk management framework.
• Maintain risk registers and track remediation action

SECURITY OPERATIONS & INCIDENT MANAGEMENT

• Oversee security operations including monitoring, detection, and response.
• Lead incident response and investigation of security breaches.
• Ensure timely resolution and reporting of incidents.
• Coordinate disaster recovery and business continuity planning.

COMPLIANCE & AUDIT

• Ensure compliance with standards such as ISO 27001, PCI DSS, and regulatory guidelines.
• Coordinate internal and external security audits.
• Address audit findings and implement corrective actions

SECURITY ARCHITECTURE & CONTROLS

• Design and implement secure IT infrastructure and systems.
• Manage identity and access management (IAM), encryption, and network security controls.
• Oversee third-party/vendor security risk management

AWARENESS & TRAINING

• Promote security awareness across the bank.
• Conduct training programs on cybersecurity best practices.
• Foster a culture of security and risk awareness.

APPLY NOW