Reporting to the Head, Information Risk, the Senior Manager, Information Risk exists to lead information risk related review and advisory assignments across the Group for projects, cybersecurity and or governance that will give objective and independent assurance that the bank’s Information Systems and ICT infrastructure are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement. The role will lead a team of Information Risk Managers and Analysts.
Key Responsibilities
• Provide leadership in individual Information Risk / Technology related Risk and advisory assignments for the assigned scope.
• Conduct Technology and Information risk assessments through Information Risk Managers and Analysts to develop the annual Group Information Risk action plan.
• Provide leadership in cyber security risk related reviews and advisory assignments, IT general and IT application control risk reviews on information systems and Technology environment to give assurance on the effectiveness and efficiency of the preventive control and compliance to KCB Group policies, International Standards (ISO 27001, ISO 22301, PCI DSS, NIST 800 series, etc.), and Regulatory requirements and guidelines.
• Provide leadership in emerging risks, threat hunting, Cloud computing & AI/ML by working with business functions in Technology in providing mitigations.
• Providing regular updates to group senior leadership and the board on the latest trends.
• Perform ongoing risk-based project assurance and post implementation reviews on Technology related projects.
• Coordinate Red Team exercises across the group and SWIFT attestation program in timely manner.
• Tracking of outstanding risks in DORCCO, GORCCO, CAB meetings.
• Be a member of CAB representing the Information Risk Department.
• Conduct, follow up and validate closure of PIR & KCSA review issues action plans as per stakeholder engagement agreements and track to completion within agreed timelines.
• Design and monitor implementation of Information risks awareness program across KCB Group
Responsible for oversight and challenge of Information risks across KCB Group, including Information Security, Technology and Data quality risks.
The Person
• Hold a bachelor’s degree in information technology, Electrical Engineering, Computer Science, Business or related fields.
• Professional qualifications in Information Security and Risk Management knowledge areas such as CRISC, CISM, CISSP, CISA or equivalent.
• At least six years' relevant working experience, including specific experience in the areas below:
o 6 Years of Banking Experience
o 6 Years Experience in Information Risk/or IT Security and/or IT Audit
o 5 Years’ Experience in Vulnerability Assessments Experience
o 5 Years’ Experience in Red Team Exercises and/or Penetration Testing Experience.
o 5 Years’ Experience in Stakeholder Management
o 5 Years’ Experience in Project Management
o 2 Years’ Experience in People Management
The above position is a demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.
To be considered your application must be received by Friday, 24th July 2026.
Qualified candidates with a disability are encouraged to apply.
Only short-listed candidates will be contacted.