The purpose Information Security Administrator at Kenya Reinsurance Corporation Limited role is to provide continuous independent assurance on the Organization’s Information Security with regards to confidentiality, integrity, availability and non-repudiation within the IT infrastructure, processing systems and related resources in line with the Information Security Policy and supporting procedures.

This will entail understanding the business processes, and defending information and systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.

PRIMARY RESPONSIBILITIES:

Provide input in the establishment regarding implementation and adherence to policies and standards that guide and support the terms of the information security strategy.
Take lead in the information systems security configurations, performance optimization and Penetration testing.
Develop IS security plans and design Information Security controls and testing plans.
Managing the information security incident management program to ensure the prevention, detection, containment, and correction of security breaches.
Deploying Al-Driven technology mobilization to proactively manage cyber and enterprise risks.
Ensure Information systems are patched and updated on a timely basis.
Maintain and optimize subsidiary IT infrastructure.
Manage and optimize DR site and related systems security settings.
Review all relevant system logs to identify and address activity that is not consistent with set out Information Security guidelines and standards.
Ensure that the Organization’s processes and procedures are performed in compliance with the Organization’s information security policies and standards.
Ensure that information security is an integral part of the systems development processes and acquisition processes.
Ensure that information security is maintained throughout the organization’s processes (e.g., change control) and life cycle activities.
Ensure the performance of contractually agreed information security controls. (e.g., outsourced providers, business partners, customers, third parties)
Proactively anticipate potential threats and vulnerabilities and provide guidance on effective control measures.
Working with the risk function to oversee and conduct risk management activities (risk assessment, gap analysis, business impact analysis, etc.) to help the Organization reach her acceptable level of risk tolerance.