Principal ICT Security Analyst (1 Post) Job Ref: HR: KP1/5B.2/1/3/949
a) Are you registered with us in our careers portal? Click here to register.
b) For those who have successfully registered, you can login to apply for the latest opportunities (See candidate application guide).
Reporting to the Manager, IT the Principal ICT Security Analyst will ensure Security and Integrity of ICT Systems and Technologies to control and mitigate risks in the business operating environment.
Objectives:
- Security of information Assets
- Availability and Reliability Information systems
- Controlled ICT Risks
- Business Continuity and Recovery
Key Tasks:
- Develop a Risk and Business Impact Analysis process and iteratively implement it on all information systems in alignment with business requirements.
- Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
- Review, maintain and strengthen the organisation’s Information Systems assets risk management framework and programme, incorporating infrastructure and process risk ownership, assessment and mitigation.
- Proactively monitor security activity through continuous research and recommend suitable solutions to further secure and safeguard company systems and information assets.
- Provide expert, timely, and relevant advice to management and the entire organisation about systems security issues and activities affecting Kenya Power.
- Establish and maintain a computer incident response capability, and provide appropriate systems specialist support to investigations, forensics and recovery.
- Championing security efforts towards compliance with regulatory standards and Best Practice; Provide specialist guidance to company employees on ICT security and risk matters.
- Ensure that processes to generate, review, and act on audit trails are implemented, managed, and reviewed periodically.
- Work closely with ICT departments on corporate technology development to fully secure information, computer, network, and processing systems.
- Create, and maintain the enterprise’s security awareness training program.
- Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
- Assist with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
Job Specifications:
- Bachelor’s Degree
- CISA, CISM Required
- 5 years’ experience as a Systems Administrator (in Networks, Database, Application Systems Administration and Security Management)
- At least 3 years’ experience directly in IS Security duties and responsibilities
- Knowledge of IT security products and techniques, Network Infrastructure, Applications, and equipment pertinent to a large, distributed environment
- Police Clearance Certificate (Certificate of Good Conduct)
Key Competencies
- Understanding of Company business and operational processes
- High levels of Integrity and Ethics
- Drive for results and achievement
- Analytical and strategic thinker
- Creativity and innovation
- Commitment to Company Vision and Values
- Attention to detail and compliance with standards
HOW TO APPLY
Interested persons should submit their applications online through visiting Kenya Power website on http://www.kplc.co.ke Applications should be received not later than Wednesday, 23rd August 2019.
Only shortlisted candidates will be contacted.
Canvassing will lead to automatic disqualification.
Kenya Power is an Equal Opportunity Employer.
a) Are you registered with us in our careers portal? Click here to register.
b) For those who have successfully registered, you can login to apply for the latest opportunities (See candidate application guide).
Reporting to the Manager, IT the Principal ICT Security Analyst will ensure Security and Integrity of ICT Systems and Technologies to control and mitigate risks in the business operating environment.
Objectives:
- Security of information Assets
- Availability and Reliability Information systems
- Controlled ICT Risks
- Business Continuity and Recovery
Key Tasks:
- Develop a Risk and Business Impact Analysis process and iteratively implement it on all information systems in alignment with business requirements.
- Develop, implement, maintain, and oversee enforcement of policies, procedures, and associated plans for system security administration and user system access based on industry-standard best practices.
- Review, maintain and strengthen the organisation’s Information Systems assets risk management framework and programme, incorporating infrastructure and process risk ownership, assessment and mitigation.
- Proactively monitor security activity through continuous research and recommend suitable solutions to further secure and safeguard company systems and information assets.
- Provide expert, timely, and relevant advice to management and the entire organisation about systems security issues and activities affecting Kenya Power.
- Establish and maintain a computer incident response capability, and provide appropriate systems specialist support to investigations, forensics and recovery.
- Championing security efforts towards compliance with regulatory standards and Best Practice; Provide specialist guidance to company employees on ICT security and risk matters.
- Ensure that processes to generate, review, and act on audit trails are implemented, managed, and reviewed periodically.
- Work closely with ICT departments on corporate technology development to fully secure information, computer, network, and processing systems.
- Create, and maintain the enterprise’s security awareness training program.
- Engage in ongoing communications with peers in the Systems and Networking groups as well as the various business groups to ensure enterprise wide understanding of security goals, to solicit feedback and to foster co-operation.
- Assist with the design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements.
Job Specifications:
- Bachelor’s Degree
- CISA, CISM Required
- 5 years’ experience as a Systems Administrator (in Networks, Database, Application Systems Administration and Security Management)
- At least 3 years’ experience directly in IS Security duties and responsibilities
- Knowledge of IT security products and techniques, Network Infrastructure, Applications, and equipment pertinent to a large, distributed environment
- Police Clearance Certificate (Certificate of Good Conduct)
Key Competencies
- Understanding of Company business and operational processes
- High levels of Integrity and Ethics
- Drive for results and achievement
- Analytical and strategic thinker
- Creativity and innovation
- Commitment to Company Vision and Values
- Attention to detail and compliance with standards
HOW TO APPLY
Interested persons should submit their applications online through visiting Kenya Power website on http://www.kplc.co.ke Applications should be received not later than Wednesday, 23rd August 2019.
Only shortlisted candidates will be contacted.
Canvassing will lead to automatic disqualification.
Kenya Power is an Equal Opportunity Employer.
