AAR Insurance Hiring Information Security Officer

by Adonai


INFORMATION SECURITY OFFICER

Overall Purpose of the Job

Reporting to the Group Head of Technology, the Information Security Officer (ISO) is responsible for developing and implementing the enterprise-wide information security strategy for the AAR Insurance Group. They will oversee the security of both cloud and on-premise environments, ensuring that robust cybersecurity measures, data privacy compliance, and risk management frameworks are in place, and will act as the focal point for all cybersecurity-related engagements. This role requires deep expertise in regulatory compliance, cloud security, and enterprise risk management within the insurance/financial sector.

Key Responsibilities

  • Develop, implement, and oversee the organization’s comprehensive information security strategy, ensuring alignment with business objectives and regulatory requirements.
  • Develop/enhance and implement information security policies, procedures, and controls aligned with business objectives and regulatory requirements.
  • Lead the cybersecurity function, ensuring security policies, procedures, and standards are adhered to across all business units.
  • Collaborate with IT, legal, and compliance teams to maintain a strong security posture.
  • Ensure compliance with relevant data privacy and protection regulations, including HIPAA, GDPR, and local insurance regulatory frameworks.
  • Establish and maintain risk management programs to assess, mitigate, and monitor security risks in cloud and on-premise environments.
  • Monitor and manage security risks, ensuring proper documentation and remediation plans are in place.
  • Lead audits, security assessments, and reporting for internal stakeholders and regulatory bodies.
  • Define and enforce security controls for hybrid IT infrastructure, including cloud platforms (AWS, Azure) and on-premise data center.
  • Implement best practices for identity and access management (IAM), network security, encryption, and endpoint protection.
  • Oversee security incident response plans and lead remediation efforts in case of cyber threats or breaches.
  • Develop and maintain a proactive threat intelligence program to detect, respond to, and mitigate cyber threats.
  • Lead incident response efforts, ensuring rapid detection, containment, and resolution of security breaches.
  • Continuously improve the organization’s security posture through red team exercises, penetration testing, and vulnerability assessments.
  • Develop and lead employee security awareness programs to promote compliance with best practices.
  • Engage with third-party vendors, partners, and contractors to ensure security requirements are met.
  • Stay up to date with emerging cybersecurity threats, trends, and best practices to proactively enhance security measures.
  • Evaluate and implement advanced security technologies, including zero-trust architecture, AI-driven security analytics, and cloud-native security solutions.
  • Lead security due diligence for IT projects, mergers, and acquisitions.

Education, Experience & Competencies

  • Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
  • Relevant certifications such as CISSP, CISM, CISA, CRISC, CCSP, CEH or equivalent are highly desirable.
  • 5+ years of experience in information security roles, preferably in the financial, insurance or healthcare sector.
  • Proven experience managing security in hybrid cloud and on-premises environments.
  • Strong knowledge of regulatory compliance (HIPAA, GDPR, ISO 27001, PCI DSS, etc.).
  • Experience handling security operations, incident response, and risk management in a complex IT landscape.
  • Strong leadership, problem solving and communication skills, with the ability to influence executive leadership and business units.
  • Understanding of cloud security architecture and DevSecOps principles.
  • Hands-on knowledge of firewall management, endpoint security, SIEM, IAM, and SOC operations.
  • Ability to assess and manage third-party security risks.
  • High level of integrity, confidentiality, and a proactive approach to cybersecurity.

If you meet the above requirements and wish to be part of our vibrant team, please send your application letter and updated CV attaching any testimonials to the email address [email protected].

At AAR Insurance, we are an equal-opportunity employer that values diversity and positively encourages applications from suitably qualified and eligible candidates regardless of race, religion, gender and age.

Your application should reach us by 30th April 2025.

Job Category: INFORMATION SECURITY OFFICER

Job Type: Full Time

Job Location: Head Office, Kenya, Nairobi

Deadline date: 30th April 2025
