Information Security Lead job at Koko Networks
Website :
644 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
Information Security Lead

[ Type: FULL TIME , Industry: Information Technology , Category: Computer & IT ]

Jobs at:

Koko Networks

Deadline of this Job:
03 March 2023  

Duty Station:
Within Kenya , Nairobi , East Africa

Summary
Date Posted: Wednesday, February 15, 2023 , Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about Koko Networks
Koko Networks jobs in Kenya

JOB DETAILS:

Your Role
As Information Security Lead, you will be responsible for the information security and risk management program. You will be primarily responsible for the design, implementation, management, and operations of security controls and systems to protect the confidentiality, integrity, and availability of KOKO’s information assets and improving our cyber-maturity. You will also lead risk assessments, develop, improve and implement security policies, procedures and standards aligned to best practices. Technically, you will develop the Infosec roadmap in consultation with the Head of ICT and Infosec, design technical infosec controls and own the vulnerability management program. You will work collaboratively and effectively with executives and other departments including product, operations, software engineering as well as 3rd party vendors and organisations to meet KOKO’s security objectives.

What you will do
• Work closely with KOKO’s global business units, including product and software engineering, and country based ICT teams to Implement Infosec governance, security controls and risk management programs adhering to best practices.
• Ensure confidentiality, integrity and availability of services by owning aspects of Information security, risk management, technical controls, threat modeling and compliance to infosec policies.
• Establish safeguards by creating disaster preparedness protocols, conducting preparedness tests, monitoring security tools and leading Incident management activities.
• Design and develop the information security strategy and own the Information security program.
• Provide supervisory and leadership support to IT security Officers and In-house SOC Analysts
• Identify opportunities to improve risk posture, develop solutions for mitigating Infosec risks and processes for assessing the residual risk.
• Review and improve Infosec controls, policies, standards, processes and frameworks and monitor compliance with the approved policies and procedures.
• Lead security audits and data protection Initiatives, conduct vulnerability assessments and penetration testing, manage remediation efforts and track the closure of deficiencies.
• Provide Infosec related technical support in our software development lifecycle and enforce best practices including code reviews, and automated testing in the DevOps pipelines.
• Identify, recommend new security architecture plans and designs, implement security controls and deliver or facilitate training for secure software coding practices to software developers.
• Define Information security blueprints and provide guidance to departments and country based IT Operation teams, in order to standardize KOKO’s enterprise wide security and ensure consistency.
• Provide Infosec related technical support in our software development lifecycle and enforce best practices including code reviews, and automated testing in the DevOps pipelines.
• Manage the ICT Information security budget.

What You Will Bring to KOKO
• University degree in relevant fields like Information Technology, engineering or cyber security
• 6+ years of experience in a similar role, with a demonstrated track record of success
• Practical understanding of Infosec, risk and compliance standards, frameworks and best practices. A professional certification is an added advantage (e.g CISSP, CISA, CISM, CRISC, ISO 27001)
• 3+ years of management experience building, leading and mentoring Infosec or technology teams and comfortable working in a fast-paced and highly collaborative team environment.
• General understanding and knowledge of regulatory requirements, security concepts, Information security governance, data protection and privacy laws and regulations.
• Hands-on leader who is technically savvy and can balance best practice with pragmatism
• Experience designing and implementing ICT strategy, roadmap, policies, procedures and standards
• Experience with cloud platforms (Preferably AWS)
• Experience with vulnerability mitigation strategies, detection tools, techniques and remediation.
• Experience with security tools, forensic tools, NAC, Antivirus, File Integrity Management, Intrusion Prevention, Network and Application Firewalls, Web Proxy, SIEM and DLP solutions.
• Analytical thinker with ability to partner with management, technical team and external stakeholders to resolve complex security matters and develop policies, processes and guidelines.
• Excellent communicator, detail-oriented with ability to manage shifting and competing priorities.
• Self driven and strongly motivated with an ownership mindset and a can-do attitude.


Work Hours: 8


Experience in Months: 72

Level of Education:
Bachelor Degree

Job application procedure

Interested and qualified? Click Here to Apply


All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: 03 March 2023
Duty Station: Nairobi
Posted: 15-02-2023
No of Jobs: 1
Start Publishing: 15-02-2023
Stop Publishing (Put date of 2030): 15-02-2067
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.