Job Description
Job Summary:
The jobholder is responsible for supporting the implementation of Information Security management System based on ISO27001 and best practice.
• Key Responsibilities: Implement Information Security Management System based on the ISO/IEC 27001 series standards, including preparation for certification against ISO/IEC 27001
• Perform gap analysis of information security standards such as ISO 27001 and create compliance reports for information security standards such as ISO 27001
• Develop/review IS policies, standards, procedures and guidelines, in liaison with the stakeholder to obtain appropriate approvals and feedback for implementation.
• Compliance monitoring and improvement activities to ensure adherence to internal security policies, procedure, standards and applicable laws and regulations
• Support departments to manage implementation of information security management system.
• Prepare materials and conduct Information security awareness, training and educational activities to stakeholders.
• Manages information security risk assessments and controls selection activities
• Perform testing of internal controls specified in Information Security Policies and Perform internal audit reviews to assess the effectiveness of current information security controls
• Ensure timely and effective corrective actions are taken to correct deficiencies and provide status reporting.
• Support the Information Security program including development, collection, assessment, and reporting of metrics
• Recommend security policy changes and enhancements as needed
• Conduct mock ISO Audits and, report on departments’ preparedness for final audit and certification
• Support ISO 27001- audit and certification activities Day-to-day information security operations, supervision, reporting, management of performance and development of staff in the function
Academic Qualifications
A Bachelor’s degree in Computer Science or related field from a recognized institution.
Professional Qualifications
Must have at least one of the following security certifications or training in CISA/CISM/CEH/CHFI/ECIH/CISSP/ISO 27001/CRISP,
Relevant Work Experience
At least one (1) year related IT security work experience in a large or busy organization.
Technical Skills Required:
• Experience in Information Security Management System
• Experience in development of policies and procedures
• Knowledge in Information security risk management
• Experience in Information security awareness development and training
• Experience in cyber security threat Analysis or incident management
Key Competencies:
• Excellent stakeholder engagement skills
• Analytical mind with problem-solving aptitude
• Excellent listening, communication and presentation skills
• Reliable and thorough with a deep commitment to accuracy
• Self-motivated and able to work independently
• A team player
• Ability to prioritize competing work commitments and deliver on time
Job Application Guidelines
Registration:
• Go to https://erecruitment.kra.go.ke/login and then click on the ‘Register’ button to start the application process.
• After registration, you will receive an email enabling you to confirm your email address and complete your registration.
Log on:
• After registration go to https://erecruitment.kra.go.ke/login
• Key in your username and password then click on ‘Log in’ to access your account.
• After successful log in, the system will open the ‘Applicant Cockpit’.
Candidate Profile (To create or update applicant detail):
• On the ‘Applicant Cockpit’ page, go to the tab ‘Candidate Profile’.
• Click on ‘My Profile’ to create and update your profile.
• Follow the instructions to complete your profile.
• The process will end by clicking the tab “Overview and Release”.
• Ensure you click the check box on the page to complete the profile.
Application process:
• To view the open job postings, click on the tab ‘Employment Opportunities’ on the ‘Applicant Cockpit’ page.
• Under the heading ‘Job Search’ click the ‘Start’ button to view all available vacancies.
• Click on the Job posting to display the details of the position.
• To apply for the position, click ‘Apply’ button at the top of the page.
• Follow the instructions to complete and submit your application.
• Kindly note that all mandatory fields must be completed.
• To complete the process of application, click the ‘Send Application Now’ button after reviewing and accepting the ‘Data Privacy Statement’.
In case of any challenges, please send your email query to isupporthr@kra.go.ke
If you experience any delay in receiving an email notification at the end of the e-recruitment registration process, please refresh your email. In case of any challenge, please send your query to isupporthr@kra.go.ke
Kenya Revenue Authority does not charge any fee at any stage of the recruitment process (application, shortlisting, interviewing, and/or offer)