Head, IT Risk & Security

The Position:

Reporting to the Director, Information Technology, the purpose of the role is to safeguard KCB's critical information infrastructure against external aggression from cyber criminals; respond to, resolve and recover from Cyber/IT Security incidents and attacks through proactive security incident monitoring; and deliver an appropriate IT business continuity and data backup management capability for the Bank in the event of a material business interruption.

Key Responsibilities:

  • Ensure the security of the core banking systems through adequate security management and administration measures.
  • Develop and enforce IT policies, standards and procedures to ensure proper operations and maintenance of the IT assets.
  • Implement appropriate transparency/escalation of all significant risks as appropriate in the weekly and monthly reports, and priority notifications to ensure minimum exposure to risk.
  • Identifying risks via: analysis of monthly metrics and other indicators; review of IT conformance reports, security assessments, requests for policy/standard exceptions and health check results; responding to escalations and queries; regular discussions with the departments; and other means that may be available to ensure that appropriate measures are taken to mitigate exposure.
  • Assessing identified risks in conjunction with other IT Departments, Information Risk and other Lines of Business to determine the impact/materiality in terms of financial loss/cost, reputation and/or regulatory risk and the likelihood and potential frequency of such risk occurring.
  • Ensure appropriate action plans and delivery dates are in place to address material risks and any open internal or external audit items or regulatory issues, and tracking these actions to completion.
  • Participate in the annual IS and IT audit plan with the Internal Audit in order to take note of the areas to be addressed.
  • Coordinate with internal and external auditors to ensure timely and responsive auditees, appropriate findings, and appropriate management responses and action plans.
  • Coordinate with Operational Risk Control to ensure transparency of risks, appropriate measures in place to mitigate risks to within the Business risk appetite, and a positive and open working relationship.
  • Providing guidance within the departments on topics related to ICT risk management, such as achieving compliance with standards and policies and staying within the risk appetite of KCB.
  • Coordinating with the Departments to ensure all deadlines are met for core activities such as conformance, audits, regulatory reviews, priority initiatives, etc.
  • Participation in the implementation of the Group Data Protection and Data Confidentiality programs.
  • Responsible for implementing/establishing a process for safeguarding authentication devices against interference, loss and theft.

The Person:

To be considered for the role, the successful applicant should have the following:

  • Preferably a Bachelor’s Degree in ICT or Related Field from a recognized university. A Master’s Degree will be an added advantage.
  • Must possess at least one security certification such as CISA, CISM, CISSP, CASP, BCM, Security+.
  • A minimum of 10 years senior management experience in Information Technology with hands-on experience in:
    • 8 years’ experience in Core banking risk & security management,
    • 8 years’ experience in Active directory management,
    • 8 years’ experience in IT Security on operating systems and databases,
    • 8 years’ experience in IT BCM, Data Back Ups & Archival Management.
  • Knowledge of web security architecture is essential.
  • Knowledge of and skills in encryption and VPN are essential.
  • Knowledge of web programming languages and software & security architectures is desired.
  • Strong leadership skills with demonstrated competencies in championing high performance.
  • Superior communication and interpersonal skills.

The above position is a demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.

To be considered your application must be received by Friday, 17th May 2019.

Qualified candidates with disability are encouraged to apply.

Only shortlisted candidates will be contacted.

NB: In the event that you are invited to interview for any positions, we will require that you provide us with the following documents:

  • National I.D.
  • KRA Pin Card.
  • Birth Certificate of self.
  • Passport Photo (White Background).
  • NSSF Card.
  • NHIF Card.
  • Police Clearance Certificate (less than 5 Months old).
  • Academic and Professional certificates, including official transcripts.
  • Certificates of Service from previous employers as applicable.

