Information Technology Risk Officer job at Asante Financial Services Group
Website :
939 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
Information Technology Risk Officer

[ Type: FULL TIME , Industry: Finance , Category: Computer & IT ]

Jobs at:

Asante Financial Services Group

Deadline of this Job:
15 June 2022  

Duty Station:
Within Kenya , Nairobi , East Africa

Summary
Date Posted: Wednesday, June 01, 2022 , Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about Asante Financial Services Group
Asante Financial Services Group jobs in Kenya

JOB DETAILS:
Asante FS aspires to become Africa’s leading digital financial services provider by facilitating financial independence, tapping into the best talent in the market, and harnessing the power of technology to deliver world class lending services to our valued customers. Everything we say, and everything we do, is anchored on the values of Trust, Reliability, Innovation and Simplicity. At Asante Financial Services Group, you will find a Responsive and Passionate team! It’s part of our DNA!

Main Responsibilities
• Implementation of the organizations cyber security strategy
• Perform system risk assessments for all solutions being delivered and facilitate the reporting of findings, formulation, and logging of management actions, and tracking and reporting of remediation efforts
• Ensure that change and incident management procedures are implemented and report on gaps noted for remediation
• Provide training and awareness to facilitate the embedment of secure coding standards, tools and processes within the development teams
• Ensure that the IT infrastructure and applications have adequate defense in depth controls put in place.
• Review and ensure that all open issues identified by risk team, IT security applications and auditors are closed within the agreed time frame
• Keep up to date with, and understand, relevant laws and regulations such as data privacy laws
• Participate in and provide QA for UAT and SIT testing
• Ensure that all systems undergo a pentest prior to go live
• Ensure that staff members are adequately trained on cyber security issues
• Ensure that the organization has adequate IT DR measures in place
• Develops, tracks, and reports on Key Risk Indicators (KRIs) for information technology
• Performs process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls
• Undertaking risk reviews of the IT control framework
• Participate and provide QA for UAT and SIT-Ensure that the UAT and SIT have all the requisite tests from an information security perspective, both positive and negative tests. Participate in the UAT and SIT to provide assurance that the tests have met end user and information security needs.
• Change management-Ensure that proper change management procedures are in place for both infrastructure, software and code changes. All changes should be done as per the policy in place.
• Incident management-Track and report on all IT incidents and ensure that the same are resolved in a sustainable manner. Designs an innovative threat and security incident management solution
• IT Tools alert- Ensure that all alerts from IT security tools are closed in a sustainable manner
• Implement IT security policies and controls on the IT security tools - Recommend and ensure implementation of controls on the IT security tools i.e. firewall policies and related controls.
• Staff Cyber Security awareness Conduct staff cyber security awareness trainings to new and existing staff.
• Cyber security weekly and monthly reports-Summarize cyber security incidents and reports for management review and action
• Product and partner risk assessment- Review and document all IT related issues in terms of the architecture, API’s etc. and follow up resolution of the same.
• IT Risk assurance - Actively engaging in end-to-end risk remediation planning, resolution, and monitoring activities. (Patching, hardening, baseline controls for different OS and applications, application whitelisting etc)

Essential skills:
• Bachelor’s Degree in a related field
• 5 years progressive experience in a similar role in financial services
• Relevant professional requirements such as CISSP (Certified Information Systems Security Professional), CRISC (Certified in Risk and Information Systems Control (CRISC) CISA, CISM
• Working knowledge of UNIX and Windows, Firewalls, VPN, PKI, IPS, API’s, Oracle, MS SQL, Virtualization Security, Software programming skills
• Good communication and interpersonal skills
• Strong understanding of security governance, compliance, and risk management principles.
• Strong Project Management skills

Work Hours: 8


Experience in Months: 60

Level of Education:
Bachelor Degree

Job application procedure
Please send the application to humanresource@asantefinancegroup.com  Kindly note that resumes will be reviewed as soon as they are received. Only short-listed candidates will be contacted.

All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: 15 June 2022
Duty Station: Nairobi
Posted: 01-06-2022
No of Jobs: 1
Start Publishing: 01-06-2022
Stop Publishing (Put date of 2030): 01-06-2066
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.