2,278 Information Security Manager jobs in Kenya

• Developing and executing the organization's information security strategy and roadmap.
• Leading and managing the information security team, providing guidance and mentorship.
• Overseeing the implementation and maintenance of security controls and technologies.
• Conducting regular risk assessments, vulnerability analyses, and penetration tests.
• Developing and managing incident response plans and leading the response to security breaches.
• Ensuring compliance with relevant data protection regulations and industry standards.
• Developing and delivering security awareness training programs for employees.
• Managing relationships with third-party security vendors and service providers.
• Staying abreast of emerging threats, vulnerabilities, and cybersecurity trends.
• Reporting on the security posture and key security metrics to senior management.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree is a plus.
• Minimum of 7 years of progressive experience in information security, with at least 3 years in a management role.
• Extensive knowledge of cybersecurity principles, frameworks (e.g., ISO 27001, NIST), and best practices.
• Proven experience in developing and implementing security policies and procedures.
• Strong understanding of risk management, incident response, and business continuity planning.
• Experience with security technologies such as firewalls, IDS/IPS, SIEM, endpoint protection.
• Excellent leadership, communication, and interpersonal skills.
• Ability to manage complex projects and budgets effectively.
• Relevant security certifications such as CISSP, CISM, or CISA are highly desirable.
• Experience working in a hybrid work environment.

• Lead and mature the Information Security GRC program.
• Develop, implement, and maintain security policies, standards, and procedures.
• Conduct comprehensive risk assessments and manage the risk register.
• Oversee compliance with relevant regulations and frameworks (e.g., ISO 27001, GDPR).
• Manage internal and external security audits.
• Develop and deliver security awareness training programs.
• Report on security posture and GRC metrics to senior leadership.
• Investigate and manage security incidents from a compliance perspective.

• Bachelor's degree in Information Security, Computer Science, or related field.
• 8+ years of experience in information security, with a strong focus on GRC.
• Deep understanding of risk management methodologies and frameworks.
• Expertise in information security standards and regulations (ISO 27001, NIST, GDPR, PCI DSS).
• Proven experience developing and implementing security policies and procedures.
• Excellent leadership, communication, and stakeholder management skills.
• Relevant certifications (CISSP, CISM, CISA, CRISC) are highly preferred.
• Strong analytical and problem-solving capabilities.

• Develop, implement, and manage information security policies, procedures, and controls to ensure compliance with relevant regulations (e.g., GDPR, CCPA, HIPAA, PCI DSS).
• Conduct regular internal and external security audits to assess compliance levels and identify areas for improvement.
• Manage the process of external audits and certifications, acting as the primary point of contact for auditors and assessors.
• Oversee the development and execution of risk management frameworks, including regular risk assessments and mitigation planning.
• Stay informed about evolving legal and regulatory requirements related to data privacy and cybersecurity, and update compliance programs accordingly.
• Develop and deliver security awareness training programs to employees across the organization.
• Investigate and manage any compliance breaches or incidents, ensuring appropriate remediation steps are taken and documented.
• Collaborate with legal, IT, and business units to ensure alignment on compliance strategies and initiatives.
• Prepare regular reports for senior management on the status of information security compliance and identified risks.
• Maintain documentation related to compliance policies, procedures, assessments, and training records.

• Bachelor's degree in Information Technology, Computer Science, Law, or a related field; Master's degree preferred.
• Minimum of 6 years of experience in information security, with at least 3 years specifically focused on compliance and risk management.
• In-depth knowledge of major data privacy and security regulations (GDPR, CCPA, HIPAA, PCI DSS, ISO 27001).
• Proven experience in conducting security audits, risk assessments, and developing remediation plans.
• Strong understanding of IT infrastructure, cybersecurity principles, and common security threats.
• Excellent analytical, problem-solving, and strategic thinking skills.
• Exceptional communication, presentation, and interpersonal skills, with the ability to effectively engage stakeholders at all levels in a remote environment.
• Relevant certifications such as CISM, CISSP, CISA, or CIPP are highly desirable.
• Ability to work independently, manage multiple projects, and meet deadlines in a remote setting.
• Demonstrated leadership capabilities and experience in managing compliance programs.

We embrace passionate Team Members who consistently display our values: United, Informative, Approachable, Caring and Transparent. We are united in our collective effort to achieve member goals and proactively provide solutions tailored to individual Member needs. We are committed to ensuring that each Member receives a positive service experience and trusted financial advice. Join the Nuvision Team today Let us be part of your career journey

The VP Enterprise Risk Management is responsible for directing and delivering an efficient and effective enterprise risk management program across the organization. The VP Enterprise Risk Management serves as the BSA Compliance Officer for the Credit Union and directs the Credit Union's ERM, Information Security and Business Continuity initiatives. Responsibilities include risk assessment monitoring, analysis and reporting, managing fraud mitigation, info security, corporate insurance coverage, litigation, document management, business continuity activities, and BSA/OFAC reporting/administration.

Responsibilities

• Develops and directs the Enterprise Risk Management Program of the organization.
• Establish a structure and process to identify, communicate and prioritize risks and opportunities.
• Cross-functionally develop and implement appropriate risk response plans.
• Develops risk management tools, practices, and policies to assess and report enterprise risks.
• Ensures the organization's risk management policies and risk strategies are in compliance with applicable regulations, rating agency standards, and strategic imperatives of the organization.
• Determines the organization's enterprise risk management architecture / framework.
• Oversees and monitors key strategic and/or operational risk management activities of the organization.
• Provide guidance and direction for the development, implementation, and maintenance of the information security policies and procedures to ensure the security of members' non-public personal information and credit union confidential information.
• Analyze various Information Security Management systems, software and tools for selection, implementation and performance.
• Administrate Information Security Management systems and utilize SIEM and DLP tools to review/analyze aggregated data to determine severity, accuracy of report findings and identify items to forward to appropriate regulatory agencies.
• Ensure all credit union departments implement security standards and follow established guidelines and controls; manage information security incidents.
• Develop Information Security education and awareness for all employees.
• Works with IT management to leverage audit and review results and to assure implementation of IT policies, plans and procedures, and organizational structures designed to provide reasonable assurance that undesired events are detected, prevented and corrected and information security risks are managed appropriately.
• Effectively manages and maintains insurance carrier relationship and policy management, renewal and claims tendering for all organizational polices and business bonds.
• Reviews and update insurance policies to ensure coverage is commensurate with regulatory guidelines.
• Establishes a strategy, framework and methodology for successful execution of business continuity plans and business impact analysis by internal business units.
• Provides guidance and direction for the development, implementation, and maintenance of a policy and plan for all business units, including IT.
• Provide direction for the coordination and management of disaster recovery drills for IT, and comprehensive business continuity drills for all departments, branches, and IT.
• Direct activities associated with fraud investigation, reporting and mitigation.
• Provide guidance and direction for the development, implementation and maintenance of the Credit Union's fraud prevention program, policies and procedures; work with contracted third parties and vendors to identify and mitigate fraud losses; provide training to staff on fraud identification and mitigation strategies and techniques; ensure fraud investigations are prosecuted and closed in a timely manner and that losses are minimized to an industry standard amount.
• Oversee the Credit Union's Bank Secrecy Act Compliance Program including reviewing all regulatory reports prior to submission, making final decisions on SAR filings, and ensuring that the Credit Union practices are aligned with the Risk Assessment and Operating Policy and the policy is commensurate with the size and scope of the Credit Union.
• Oversee the Credit Union's document management process.
• Provides guidance and direction for the development, implementation and maintenance of records management.
• Lead the day-to-day activities and provide full support to direct reports.
• Train, mentor and coach direct reports to further develop their skills and knowledge.
• Communicate project prioritization to ensure the highest project risks are identified and managed in a timely manner.
• Collaborate with the Leadership Team to adequately staff each ERM discipline with competent team members to efficiently and effectively achieve the desired results.
• Supports and participates in continuous improvement activities.
• Represents the Credit Union in a positive and professional manner.
• Maintains member, team members and other sensitive information with confidentiality.
• Treats co-workers and members with respect.
• Supports, participates and volunteers in credit union member community activities, member relations and events that promotes member centric experiences.
• Stays abreast of current trends in financial services, business operations, processes, information technologies and project management disciplines
• Other related duties as assigned

Minimum Qualifications

• 7+ years of experience in risk management, compliance, information security, fraud mitigation, business continuity, with evidence of increasing responsibility and previous management experience.
• Must have experience in operational efficiency initiatives, systems development and project management related disciplines such as management consulting, quality management, financial management and organization change management.
• Knowledge Comprehensive knowledge of banking products and services and compliance requirements of the Bank Secrecy Act, Gramm Leach Bliley Act as well as Information Security and Business Continuity and ERM principles
• Comprehensive knowledge of standard concepts, practices and procedures within the financial services industry related to financial crimes and regulatory report filing.
• Comprehensive knowledge of corporate insurance and bond requirements, negotiations and claims tendering.
• Comprehensive knowledge of information security management systems, software and tools to ensure information security risks are managed appropriately.
• Strong leadership, management and interpersonal skills throughout all levels of the organization.
• People management skills with a particular emphasis on performance management disciplines.
• Strong third party/vendor management and contract negotiation skills.
• Strong problem solving ability.
• Presentation skills and self starter.
• Ability to identify and define appropriate quality measures and performance targets.
• High attention to detail and observant of business conditions.
• Excellent speaking and writing skills.
• Effective public relations abilities.
• Articulate and persuasive leader to serve as an effective member of the management team.
• Creative and able to develop innovative solutions.
• Able to work in a fast paced, high stress environment with multiple and/or constantly changing priorities.
• Key Competencies: Business Acumen, Process Management, Negotiating, Conflict Management, Developing Direct Reports, Motivating Others, Sizing Up People Certification Certified Anti-Money Laundering Specialist (CAMS) or Certified Fraud Examiner (CFE) or other equivalent Credit Union Enterprise Risk Management Expert (CUERME) or other equivalent

Preferred Qualifications

• 10+ years of experience in risk management, compliance, information security, fraud mitigation, business continuity, with evidence of increasing responsibility and previous management experience.
• Certified Information Security Professional (CISSP), Global Information Assurance Certification (GIAC), GIAC Security Leadership Certification(GLSC)
• Post graduate degree preferred. Experience working for an organization with a regional model including some matrix reporting structure.

Education:
2-year degree or experience in related field or equivalent

Website:

Pay scale by applicable geographic location:

• Alaska: Min $134, Mid $67, Max 201,251.82
• Arizona: Min 118, Mid 147, Max 177,430.17
• Florida: Min 112, Mid 141, Max 169,215.81
• Nevada: Min 121, Mid 151, Max 181,537.35
• Southern California: Min 129, Mid 161, Max 193,858.89
• Texas: Min 113, Mid 142, Max 170,858.68
• Washington: Min 137, Mid 171, Max 206,180.43

The final pay offered to a successful candidate will be dependent on several factors that may include but are not limited to the type and years of applicable experience within the job, the type of years and experience within the industry, job related training/education, etc.

California Employee Privacy Notice

Benefits

• Medical
• Dental
• Vision
• Life Insurance
• Flexible Spending Account
• 401(k) Matching
• Paid Time Off
• Training Provided
• Tuition Reimbursement

• Developing, implementing, and maintaining comprehensive risk management frameworks and policies across the organization.
• Conducting thorough risk assessments for new products, services, and business initiatives.
• Analyzing financial data to identify potential risks, including credit risk, market risk, operational risk, and liquidity risk.
• Performing stress testing and scenario analysis to evaluate the resilience of the institution under adverse conditions.
• Developing and implementing effective risk mitigation strategies and action plans.
• Monitoring regulatory changes and ensuring compliance with all relevant banking regulations and guidelines.
• Preparing detailed risk reports and presentations for senior management and the board of directors.
• Collaborating with business units to promote a strong risk culture and provide guidance on risk management best practices.
• Investigating and analyzing risk incidents, recommending corrective actions, and tracking their implementation.
• Staying abreast of emerging risks and industry trends in the financial services sector.

• Develop and maintain comprehensive risk management policies and procedures for the insurance business.
• Identify and assess financial, operational, strategic, and compliance risks.
• Conduct regular risk assessments and analyze data to quantify potential impacts.
• Design and implement risk mitigation strategies and action plans.
• Monitor the effectiveness of risk controls and recommend improvements.
• Prepare detailed risk reports for senior management and relevant committees.
• Ensure compliance with all regulatory requirements related to risk management in the insurance industry.
• Stay informed about emerging risks and industry trends.
• Collaborate with various departments to embed a strong risk culture throughout the organization.
• Develop and deliver risk management training to staff.
• Manage relationships with external auditors and regulators on risk-related matters.

• Bachelor's degree in Finance, Economics, Actuarial Science, Risk Management, or a related field.
• A minimum of 7 years of experience in risk management, preferably within the insurance or financial services industry.
• Strong knowledge of insurance products, operations, and regulatory frameworks (e.g., IRDA regulations).
• Proven experience in risk assessment methodologies, quantitative analysis, and risk modeling.
• Excellent understanding of internal controls and compliance frameworks.
• Strong analytical, problem-solving, and decision-making skills.
• Effective communication and presentation skills, with the ability to articulate complex risk issues clearly.
• Proficiency in risk management software and data analysis tools.
• Relevant professional certifications such as CRM, FRM, or PRM are highly desirable.
• Ability to work independently and as part of a team.