Summary
Date Posted: Monday, August 29, 2022 , Base Salary: Not Disclosed

JOB DETAILS:
Information Security & Data Privacy Officer

Monitoring and Review of Systems:
• Monitoring performance and adherence to the requirements of the regulation while providing advice on the data protection impact assessment.
• Conducting audits to ensure compliance, accountability and address potential issues proactively.
• Monitor security events received from the Bank’s security tools on applicable perimeter devices, systems, databases and servers for potential attacks, suspicious or anomalous activities.
• Assist in identifying new solutions to improve the ISO monitoring role in threat identification, detections and response capabilities.
• Strengthen the monitoring of system transactions integrity and events by review of the System audit logs and Escalation of noted anomalies.
• Analyze and document business process objectives and design to identify required information systems controls.
Incidences Management:
• Serving as the Data Protection Officer and point of contact between the Companies, the Data Commissioner and other Regulatory Authorities and co-operating with them during inspections by answering any complaints or queries raised with regards to Data Protection.
• Handling queries or complaints internally or externally regarding data confidentiality and use.
• Escalate and report on incidents, potential gaps or risks as observed during monitoring activities.
• Document the security breaches and measure the damage caused.
Reporting:
• Reporting to the Supervisor:
• Providing updates on the Data Protection compliance programme to the Board and Risk Management Committee
• Providing status updates to the Head of Risk and Senior Management on a regular basis (at least monthly) and drawing immediate attention to any failure to comply with the applicable data protection requirement.
• Share a monthly report on privilege access management and bank wide compliance to the user access rights.
• Quarterly reporting to the board on the exceptions noted in user access management likely to impact the Confidentiality, Integrity and Availability of information.
• Any other duties as deemed necessary by the supervisor.

Academic Background
• Bachelor’s degree in Information Technology, Computer science, Cybersecurity, business, or related fields
• Strong knowledge of Information Security related frameworks/ Regulations such as, ISO 27001, NIST 800-53, NIST Cyber Security Framework, Cobit, FFIEC CAT, GLBA, SOX, NYDFS 500, etc.

Work Experience
• At least 5 years of Banking or Information Technology Experience
• Knowledgeable in IT operations
• Proficient in IS Security
• Knowledge on Data Protection laws & General Data Protection Regulations (GDPR) is an added advantage

Work Hours: 8

Experience in Months: 60

Job application procedure
Interested and qualified? Go to Sidian Bank on sidianbank.co.ke to apply

All Jobs

QUICK ALERT SUBSCRIPTION