About KCB Bank Kenya
Kenya Commercial Bank Limited is a non-operating holding company that started operations as a licensed banking institution effective January 1, 2016. The holding company holds KCB Kenya, which was incorporated on the same day, as well as the regional units of KCB in Uganda, Tanzania, Rwanda, Burundi, Ethiopia, and South Sudan. It also owns KCB Insurance Agency, KCB Capital, KCB Foundation, and other subsidiaries. The establishment of the holding company is expected to better position the Group to access unrestricted capital, invest in non-banking ventures, grant its subsidiaries operational and strategic independence, and enhance its corporate governance and oversight.
Senior Manager, Information Risk
Job Type Remote Job
Qualification BA/BSc/HND, Diploma
Experience 5 years
Location Kitale, Kenya
Job Field ICT
Job Description:
- Lead individual Information Risk and Technology-related risk advisory assignments.
- Conduct Technology and Information risk assessments, collaborating with Information Risk Managers and Analysts to develop the annual Group Information Risk action plan.
- Lead cyber security risk reviews and advisory assignments, including IT general controls and IT application control risk reviews.
- Provide assurance on the effectiveness and compliance of preventive controls to KCB Group policies, international standards (ISO 27001, PCI DSS, NIST 800 series), and regulatory requirements.
- Address emerging risks, threat hunting, Cloud computing & AI/ML, and work with Technology teams on mitigations.
- Provide regular updates to senior leadership and the board on emerging trends.
- Perform risk-based project assurance and post-implementation reviews for Technology-related projects.
- Coordinate Red Team exercises and manage the SWIFT attestation program.
- Track outstanding risks in DORCCO, GORCCO, and CAB meetings.
- Represent the Information Risk Department as a member of CAB.
- Follow up and validate closure of PIR & KCSA review issues and action plans, tracking to completion within agreed timelines.
- Design and implement an Information Risk awareness program across KCB Group.
- Oversee and challenge Information risks, including Information Security, Technology, and Data Quality risks.
Key Responsibilities
- Developing annual brand plans, and executing and evaluating both internal and external marketing campaigns to drive brand visibility and alignment in a seamless manner for enabling functions such as Sustainability, Customer Excellence, etc.
- Working closely with the unit heads to achieve the business objectives whilst participating in projects driven by the respective enabling functions/units.
- Stakeholder management: ensure quality relationship management with all stakeholders, i.e., business partners and branding service providers for own area.
- Responsible for budget planning, control and expense tracking of all projects to ensure they are delivered within budget, and within policy, to meet the objectives across their assigned units.
- Define clear brand guidelines and value propositions for each enabling function and uphold them across the Group and all business units as well as all of the Bank’s touch points, communicating across the business as a champion of the company’s brand guidelines to secure brand identity and maintain brand integrity.
- Reviewing and enhancing all communication materials and collateral within the business to ensure adherence and consistency to the overall Brand Positioning, Values and Identity Standards.
- Convening regular progress review meetings with internal stakeholders, creative teams, and external agencies, to ensure alignment, tracking of all ongoing projects, quality of deliverables and manage work progress on an ongoing basis.
Minimum Position Requirements:
Education:
- Bachelor’s Degree in Information Technology, Electrical Engineering, Computer Science, or Business (Required)
- Relevant certifications in Information Security and Risk Management (CRISC, CISM, CISSP, CISA, or equivalent) (Required)
- Master’s Degree in IT, MBA, or Computer Science (Advantageous)
Experience:
- Minimum 6 years of experience in Information Risk, IT Security, and/or IT Audit (Essential)
- Minimum 5 years of experience in Vulnerability Assessments (Essential)
- Minimum 5 years of experience in Red Team Exercises and/or Penetration Testing (Essential)
- Minimum 5 years of experience in Stakeholder Management (Essential)
- Minimum 2 years of People Management experience (Desirable)
- Minimum 6 years of experience in Banking/Financial Services (Essential)
- Minimum 5 years of experience in Project Management (Essential)
Job Type: Contract
Compensation: 400,000 KES monthly. The pay will be per task completed; hence, actual earnings will vary based on the performance of staff at KCB. The amount listed is an estimate of the expected deliverables and workload for each task and responsibility within the role.
Language: English