Google Play

ICT Risk Officer

Published on 24.03.2023


Website :
Industries :
Banking, insurance, finance
Job ads : See our Job Ads
The Co-operative Bank of Kenya Limited is incorporated in Kenya under the Company Act and is also licensed to do the business of banking under the... read more

Job Ad & Profile Description

Position : ICT Risk Officer

Are you a competent and highly motivated person with a career passion for Information Security? 

Our ICT Risk and Control Team is looking for a detail-oriented, self-driven, collaborative individual with a passion for integrity to fill the role of ICT Risk Officer.

Reporting to Head – ICT Risk and Control, the role holder will provide continuous independent assurance of the bank’s Information Security as regards confidentiality, integrity, and availability of the IT Systems by ensuring that appropriate security controls are in place to protect the Bank’s assets. The role holder will also ensure that ICT-related risks are managed in compliance with the Bank’s policies, laws, regulatory guidelines, and applicable standards.

The Role

Specifically, the successful jobholder will be required to:

  • Carry out ICT risk assessments of Co-operative Bank systems and provide recommendations for appropriate and adequate IT security controls to mitigate and minimize ICT Risks. 
  • Continuously review and improve the ICT controls in place. 
  • Continuously review systems at all levels i.e. servers, applications, database, network devices, etc., identify risks and make recommendations on closure of the risks 
  • Provide continuous assurance on ICT Risks on the Bank’s systems
  • Evaluate ICT controls for all operating systems, applications, database management system interfaces, and networks across the Bank to ensure consistency in achieving compliance requirements (regulatory, standards, and internal policies).
  • Promote Information security awareness within the Bank by providing consultation, guidance, and conducting relevant awareness programs to ensure an IS-compliant culture.
  • Proactively anticipate potential threats and vulnerabilities and provide guidance in coordination with the ICT department on effective responses or control measures to be implemented to mitigate them.
  • Manage ICT risk registers. 
  • Periodically perform vulnerability assessments & penetration tests on Bank systems and technology, identifying vulnerabilities and recommendations on the closure of these vulnerabilities.
Required profile for job ad : ICT Risk Officer

Skills, Competencies, and Experience

The successful candidate will be required to have the following skills and competencies:

  • A Bachelor’s degree in Information Technology, Information Security, or Computer Science.
  • Relevant IT Security professional qualifications e.g. CISA, CISM, CEH, or other relevant security certifications.
  • A minimum of 5 years of working experience in a similar role in a highly computerized environment.
  • Experience in implementing Information Security Standards such as ISO 27001, COBIT.
  • Understanding of ICT risk and systems security control processes
  • Understanding of Information systems Architecture and operational practices
  • Appreciation of Audit Methodologies.
  • Experienced in Windows Enterprise servers or UNIX systems.
  • Experience working in the IT function within a banking environment will be an advantage.
  • Knowledge of cybersecurity good practices (Identity and Access Management, Data Protection, Penetration Testing, etc.)

How to apply

If you are confident that you fit the role and person profile and you are keen to add value to your career then please forward your application letter enclosing detailed Curriculum Vitae  indicating the job reference number IRO/CEO/2023 by March 2023.

Job criteria for job ad : ICT Risk Officer
Job category :
IT, new technologies
Industries :
Banking, insurance, finance
Employment type :
Permanent contract - Fixed-term contract
Region :
Central - Coast - Eastern - Nairobi - North Eastern - Nyanza - Rift Valley - Western - International
Experience level :
5 to 10 years
Educational level :
Key Skills :
Number of Position(s) : 1
Be cautious! Do not send money to a potential employer. Do not pay any money for a potential contract of employment or for pre-employment training.
Please report any irregularities by using the candidate contact form and selecting the subject "Report a job ad".

Share this offer with your network