About KCB Bank Kenya
Kenya Commercial Bank Limited is a non-banking holding company, licensed on 1st January 2016. It manages KCB Kenya, incorporated on the same date, and its regional subsidiaries in Uganda, Tanzania, Rwanda, Burundi, Ethiopia, and South Sudan. The group also manages KCB Insurance Agency, KCB Capital, KCB Foundation, and other related entities. The holding company structure enhances access to free capital, facilitates investment in non-banking ventures, provides strategic and operational autonomy to its subsidiaries, and enhances corporate governance and monitoring.
Information Risk Analyst
Job Type: Remote
Qualification: BA/BSc/HND, Diploma
Experience: Minimum of 5 years
Location: Kisumu, Kenya
Job Field: ICT / Computer
Key Responsibilities
- Perform regular IT risk assessments to identify and address potential risks, ensuring management is informed and necessary mitigation measures are in place.
- Offer expert consultation on information risk management during the development of systems, applications, and e-products to integrate security best practices.
- Assess security risks in operating systems, web applications, and databases, providing detailed reports and recommendations to management.
- Conduct evaluations of logical and physical access controls to safeguard system security.
- Participate in penetration testing to identify vulnerabilities in the bank’s IT network.
- Review and approve new systems before deployment in the live environment.
- Oversee self-assessments, gap analyses, risk acceptances, and other control measures in collaboration with business units, compliance teams, and control functions.
- Work closely with Risk Heads across subsidiaries to ensure compliance with Group security standards.
- Proactively assess potential cyber threats and vulnerabilities, coordinating with the IT department to implement necessary security controls within the subsidiaries.
Candidate Requirements
- A Bachelor’s degree in Computer Science or a related field.
- Professional certifications such as CISSP, CISA, CISM, or CRISC.
- A Master’s degree is an added advantage.
- At least 4 years of experience in IT-related roles, including:
  - 4 years in Information Technology across any domain.
  - 2 years in Information Risk Management.
  - 2 years in Systems Auditing.
  - 1 year of experience in Digital Forensics (preferred).
  - 2 years in Information Security.
  - 2 years in Change and Project Management.
Employment Type: Contract
Compensation: Estimated at KES 380,000 per month. Payment will be task-based, meaning actual earnings may vary depending on deliverables and performance expectations within the role.
Language Requirement: English