The Cybersecurity Specialist, Data Security and Privacy is responsible for maintaining the integrity and confidentiality of the organization’s data while in use, in motion and in situ, in the Group’s information systems by implementing, maintaining, and monitoring effective data security controls and policies.
The holder is also responsible for the deployment, testing and maintenance of data loss prevention systems, information protection security systems, and enforcement of database security controls.
Key Responsibilities: -
- Recommend, implement, administer, optimize, and support appropriate tools and solutions offering data loss prevention, and information protection in compliance with the Bank’s policies and standards.
- Continuously review, enforce, and report on database and data store security controls that cover the major database management systems such as Oracle, Microsoft SQL Server, MySQL, PostgreSQL.
- Collaborate with the Cybersecurity Intelligence and Security Operations Centre (CiSOC) in the continuous monitoring and defence of the Bank’s data, information and databases from data leakage, intrusions, unauthorized access, unauthorized modification as well as assist to detect, report, and respond to data security violations/incidents.
- Develop Data and Database Security Technical Guidelines and Minimum Configuration Baseline Standards in line with industry best practices and technologies commensurate with risk and regulatory requirements and implementing the same cost effectively.
- Implement and enforce technical security controls to achieve data protection objectives set out by the organization and regulatory requirements such as the Kenya Data Protection Act, and CBK Guideline for Cybersecurity
- Define, create, and deliver compliance reports and relevant metrics in Data Security & Privacy to senior management, including violations, utilizing automation as deemed fit.
- Provide data security and privacy related support to projects from inception through to successful implementation in a bid to ensure that data security and overall information protection measures are built in from project inception.
- Conduct continuous data security reviews and data discovery assessments to determine any data security violations as well as efficacy of implemented countermeasures.
- Provide input into Information Security risk and control self-assessments by leveraging specialized knowledge in data security, databases, privacy, and information protection.
- Research on and provide technical data security and privacy expertise in the Group Information Security department, conduct data security awareness and user training sessions across the group.
The Person
For the above position, the successful applicant should have the following:
- Bachelor’s degree in Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field.
- Cybersecurity certification such as CISA/ CISSP/ Security+/ CEH etc.
- Oracle Database certifications such as OCP/ Oracle Database Security/ Microsoft Database certifications such as MCDBA will be added advantage.
- 5 years technology experience with at least 2 years in cybersecurity.
- Experience in Database Administration/ Data / Database Security is desired.
- Experience in administering data/information protection and privacy solutions is desired.
The above position is a demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.
To be considered your application must be received by Friday 19th July 2024.
Qualified candidates with a disability are encouraged to apply.
Only short-listed candidates will be contacted.
