Kenya Re Hiring Information Security Administrator

The Information Security Administrator is responsible for safeguarding Kenya Reinsurance Corporation’s IT infrastructure and information assets, ensuring confidentiality, integrity, availability, and non-repudiation across systems. This role focuses on implementing and enforcing the Information Security Policy, managing security controls, and proactively protecting the organization from unauthorized access and cyber threats.

Primary Responsibilities

  1. Policy and Standards Development: Contribute to the establishment and enforcement of policies and standards that support the organization’s information security strategy.
  2. Security Configuration and Optimization: Lead in configuring and optimizing information systems security, including conducting penetration testing.
  3. Security Planning and Control Design: Develop security plans and implement controls and testing strategies to maintain robust security measures.
  4. Incident Management: Manage the information security incident response program to prevent, detect, contain, and remediate security breaches.
  5. Cyber Risk Management: Use AI-driven technology to proactively identify and mitigate cyber and enterprise risks.
  6. Patch Management: Ensure timely updates and patching of all information systems.
  7. IT Infrastructure Optimization: Maintain and enhance the security of the subsidiary IT infrastructure.
  8. Disaster Recovery: Manage the disaster recovery site and ensure security measures are optimized.
  9. Log Review and Compliance: Monitor system logs to identify and respond to suspicious activity in accordance with information security standards.
  10. Policy Adherence: Ensure organizational processes comply with information security policies and standards.
  11. Development and Acquisition: Integrate information security into systems development and acquisition processes.
  12. Lifecycle Security Maintenance: Maintain information security throughout system change control and lifecycle processes.
  13. Contractual Security Compliance: Ensure that outsourced providers, business partners, and third parties adhere to agreed information security controls.
  14. Threat and Vulnerability Management: Identify potential threats and provide guidance on effective security measures.
  15. Risk Management: Collaborate with the risk team to conduct risk assessments, gap analyses, and impact analyses to achieve acceptable risk levels.

Additional Duties

  1. Provide recommendations on physical and technical security controls.
  2. Advise on disaster recovery procedures to minimize data and system loss.
  3. Collaborate with vendors, auditors, management, and departments to strengthen information security.
  4. Offer guidance on security best practices, including risk analysis and control selection.

Qualifications and Experience

  • Academic: Bachelor’s degree in Computer Science, Information Technology, or a related field.
  • Professional: Certification in one or more of the following: CISM, CISA, CISSP, CCNA, CompTIA Security+, Certified Ethical Hacker.
  • Experience: At least 3 years of experience in information systems security administration.

Skills and Competencies

  • Excellent interpersonal and communication skills.
  • Strong knowledge of network protocols, server architecture, and security software.
  • Proficiency in Microsoft and Linux environments, virtualization, backup solutions, and network technologies (WAN, LAN, VOIP, Wireless, VPN).
  • Expertise in information security systems including Firewalls (Check Point), IDS, IPS, SIEM, PAM, SOC, SOA, and antivirus.
  • Familiarity with database and application connectivity protocols and Microsoft server roles (Domain Controller, DNS, AD, ADFS, DHCP, Azure, Microsoft Exchange, Office 365).

Apply Now

Press ESC to close