Information TechnologyFull-TimeSenior-level(6+ yrs)
Job Description
About the Role
The Senior Manager, Information Risk at KCB Bank Kenya is responsible for providing leadership in Information Risk, Technology related Risk, and advisory assignments. This role involves conducting risk assessments, performing cyber security and application control reviews, and ensuring compliance with KCB Group policies, international standards (such as ISO 27001, ISO 22301, PCI DSS, NIST), and regulatory guidelines. The position also oversees emerging technology risks, data quality risks, threat hunting, and leads/mentors a high-performing risk management team.
Key Responsibilities
Risk Leadership & Advisory: Provide leadership in individual Information Risk / Technology related Risk and advisory assignments for the assigned scope. Conduct Technology and Information risk assessments to develop the annual Group Information Risk action plan.
Cyber Security & Controls: Lead cyber security risk related reviews and advisory assignments, IT general and IT application control risk reviews on information systems and Technology environment to give assurance on the effectiveness and efficiency of the preventive control and compliance to KCB Group policies, International Standards (ISO 27001, ISO 22301, PCI DSS, NIST 800 series, etc.), and Regulatory requirements and guidelines.
Emerging Risks & Technology: Provide leadership in emerging risks, threat hunting, Cloud computing & AI/ML by working with business functions in Technology in providing mitigations.
Board & Leadership Reporting: Providing regular updates to group senior leadership and the board on the latest trends.
Vulnerability & Attestation Management: Coordinate Red Team exercises across the group and SWIFT attestation program in timely manner. Tracking of outstanding risks in DORCCO, GORCCO, CAB meetings.
Remediation & Monitoring: Conduct, follow up and validate closure of PIR & KCSA review issues action plans as per stakeholder engagement agreements and track to completion within agreed timelines.
Team Leadership: Lead and mentor a team of Information Risk Managers and Analysts, fostering a collaborative and high-performing environment.
Policy & Collaboration: Ensure the bank's data and systems are secure and compliant with industry standards and regulations. Build and maintain strong relationships with internal stakeholders and external partners to ensure effective risk management.
Qualifications and Requirements
Education: Bachelor's degree in Computer Science, Information Technology, or a related field. A Master's degree is highly preferred.
Experience: Minimum of 8 years of experience in information risk management, with a proven track record of leading and mentoring teams.
Certifications: Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) certification is an advantage.
Technical Knowledge: Strong knowledge of information security principles, risk assessment methodologies, and industry standards.
How to Apply
Interested and qualified candidates should apply online by visiting the KCB Bank Kenya application portal: Apply on KCB Oracle Portal