Uap Old Mutual Group Is Hiring!! Apply Now!!
Uap Old Mutual Group Is Hiring!! Apply Now!! 1 PositionOld Mutual Group
Chief Information Security Officer
The UAP Old Mutual Group comprises of three key players as a result of the acquisition of a controlling stake in Faulu in 2014 and UAP in 2015 by Old Mutual. The acquisition resulted in Old Mutual Kenya and UAP Holdings (www.uapoldmutual.com) as well as Faulu Microfinance Bank (www.faulukenya.com) forming one of the largest financial services groups with a growing footprint in East and Central Africa. The Group currently has operations in Kenya, Uganda, Tanzania, South Sudan and Rwanda.
We are rooted in our purpose of “Championing Mutually Positive Futures Every Day” and believe that a great customer experience is anchored in a great employee experience.
Reporting to the Head of Risk & Compliance, the role holder will implement Faulu’s Cyber security strategies, program and policy as well as oversee cybersecurity and information security matters of the Bank.
- Developing and implementing Faulu’s cybersecurity program and enforcing the cybersecurity policy.
- Ensuring that Faulu maintains a current and comprehensive cyber asset and user register
- Ensuring that Faulu’s cybersecurity strategy addresses its needs, considering its overall business strategies, risk appetite and ICT risk management policies.
- Design cybersecurity controls with the consideration of users at all levels of the organization.
- Organizing professional cyber related trainings.
- Ensure that adequate processes are in place for monitoring IT systems to detect cybersecurity events and incidents in a timely manner.
- Reporting to the CEO, and the Board at least quarterly.
- Ensure timely update of the incident response mechanism and Business Continuity Plan (BCP)
- Incorporate the utilization of scenario analysis to consider a material cyber-attack, mitigating actions, and identify potential control gaps.
- Ensure adequate backups of critical IT systems and data.
- Ensure the roles and responsibilities of managing cyber risks, including in emergency or crisis decision-making, are clearly defined, documented and communicated to relevant staff.
- Put in place BCP and disaster recovery test plans.
- Assessing the overall effectiveness of Faulu’s cybersecurity program.
- Quarterly reporting on the organization’s cybersecurity posture to senior management, Board Risk Management Committee, Audit committee and the board.
- Conduct oversight over and provide directions to any third-party service provider contracted to perform operational security functions such as information security monitoring, testing and threat intelligence.
- Submitting the required cybersecurity regulatory returns to the Central Bank of Kenya.
Minimum qualifications and Work Experience:
- Bachelor’s degree in IT
- Masters Degree is desirable
- Professional qualification such as CISA, CISM or CISSP
- At least 6 years’ experience in a large Payment Service Provider or financial institution professional services firm; 4 of which should be in either of the following functions: IS Auditor, IS Security, or IT Risk.
Knowledge and Skills:
- Must be able to work independently with good interpersonal and project management skills.
- Knowledgeable in IT operations
- Proficient in IS Security