Safaricom Limited Information Risk Management and Compliance Senior Manager Job in Kenya

Safaricom Limited is the leading mobile telecommunications company in Kenya. 

We are pleased to announce the following vacancy in Risk Management and Compliance Division.

Senior Manager - Information Risk Management and Compliance

Ref: RMC – SMIRM&C - July 2014

In keeping with our current business needs, we are looking for a person who meets the criteria indicated below:

Reporting to the Head of Department- Enterprise Risk Management, the successful candidate will play a leading role in shaping, guiding and implementing Information Risk Management and Compliance at Safaricom  by liaising closely with other managers across the business and in particular in Technology.

In carrying out their duties therefore, the required candidate will develop, implement and monitor information security policies and metrics and evaluate the information security risk and adequacy of mitigations at Safaricom.

Key responsibilities will be to;

• Forms a “center of excellence” for information security management, for example offering internal management consultancy and advisory services on information security risk and control matters throughout the organization and promoting the commercial advantages of managing information security risks more efficiently and effectively;
• Coordinate and/or track resolution of Information Security Risk control items arising out of the Risk Assessment activities within the Safaricom Enterprise Risk Management Framework;
• Establish independent monitoring for compliance with both with internal security policies etc. and applicable laws and regulations to cover, but not limited to, our User access management, auditing and logging policies and specific controls on critical systems e.g. M-PESA;
• Liaison with and offers strategic direction to related governance functions (such as Technology, Physical Security/Facilities, Business Continuity management,  HR, and Corporate Affairs) plus senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies;
• Leads or commissions the preparation and authorizes the implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with Technology Security;
• Leads or commissions suitable information security awareness, training and educational activities;
• Leads or commissions information security risk assessments and controls selection activities;

The ideal candidate should possess the following skills & competencies;

• Degree in a technical field IT, Business Information Systems (or related technical field) from a recognized university.
• At least 7 years of full-time work experience in information security management and/or related functions (such as IT audit and IT Risk Management). Experience in a banking or money transfer environment will be an added advantage
• Absolutely trustworthy with high standards of personal integrity, and willing to undergo vetting and/or personality assessments to verify this if necessary.
• Holder of at least one of the following certifications: CISA, CISM or CISSP.
• Detailed knowledge of GSM as well as IT Networks is  preferred.

If you meet the requirements and are self-driven, proactive and up to the challenge, please send your resume and application letter quoting the job reference number to the address below. 

All applications must be delivered on or before Monday the 21st July 2014.

The Head of Department Talent & Resourcing
Safaricom Ltd Nairobi
Via E-mail to hr@safaricom.co.ke