Job Description
Job Summary:
The job holder is responsible for the management of technical vulnerabilities and implementation of security controls in the organization’s Business Systems. The role includes carrying out vulnerability assessments, penetration testing, identifying security gaps, ensuring that the network, databases, business systems and services comply with the approved policy, best practice, security requirements and set minimum baseline standards.
Key Responsibilities:
• Review KRA Business systems for technical vulnerabilities and ensure appropriate safeguards are in to provide mitigations.
• Coordinate vulnerability assessments, penetration tests, security reviews on business systems, services and databases using various tools and personal knowledge.
• Ensure compliance with the approved policy, best practice, security requirements and set minimum baseline standards for the business systems.
• Coordinate development of system security requirements for the various systems at acquisition/development and carry out security tests on the systems before deployments
• Identify, recommend, and configure suitable tools to enhance Information systems security.
• Monitor systems and applications for security issues, vulnerabilities and recommend remediation including patching and upgrades, rules updates
• Attend Change Advisory Committee meetings for enhancement of business operations.
• Ensure compliance to ISO (9001/2015 and 27001/2013) and ISMS and data security requirements.
• Day-to-day information security operations, supervision, reporting, management of performance and development of staff in the function
Academic Qualifications
Bachelor’s degree in Computer Science or IT related field.
Professional Qualifications
Must have at least one of the following certifications or training in CEH/CHFI/ECIH/CISSP.
Relevant Work Experience
At least three (3) years related IT security work experience in a large or busy organization.
Technical Skills Required:
• Experience in Vulnerability Assessments and Penetration testing.
• Experience in Digital Forensics, cyber security threat Analysis or incident management
• Proficiency in implementation and use of security testing tools/solutions.
• Broad-based IT experience with technical knowledge of Network, Virtualization, Hardware, Storage, Operating systems, and Applications.
• Good command of SQL language.
• Good command of Unix/Linux/windows
• Knowledge in Information security risk management
• Experience in Information Security Management System
• Experience in Project Management
Key Competencies:
• Excellent stakeholder engagement skills
• Analytical mind with problem-solving aptitude
• Excellent listening, communication and presentation skills
• Reliable and thorough with a deep commitment to accuracy
• Self-motivated and able to work independently
• A team player
• Ability to prioritize competing work commitments and deliver on time
Job Application Guidelines
Registration:
• Go to https://erecruitment.kra.go.ke/login and then click on the ‘Register’ button to start the application process.
• After registration, you will receive an email enabling you to confirm your email address and complete your registration.
Log on:
• After registration go to https://erecruitment.kra.go.ke/login
• Key in your username and password then click on ‘Log in’ to access your account.
• After successful log in, the system will open the ‘Applicant Cockpit’.
Candidate Profile (To create or update applicant detail):
• On the ‘Applicant Cockpit’ page, go to the tab ‘Candidate Profile’.
• Click on ‘My Profile’ to create and update your profile.
• Follow the instructions to complete your profile.
• The process will end by clicking the tab “Overview and Release”.
• Ensure you click the check box on the page to complete the profile.
Application process:
• To view the open job postings, click on the tab ‘Employment Opportunities’ on the ‘Applicant Cockpit’ page.
• Under the heading ‘Job Search’ click the ‘Start’ button to view all available vacancies.
• Click on the Job posting to display the details of the position.
• To apply for the position, click ‘Apply’ button at the top of the page.
• Follow the instructions to complete and submit your application.
• Kindly note that all mandatory fields must be completed.
• To complete the process of application, click the ‘Send Application Now’ button after reviewing and accepting the ‘Data Privacy Statement’.
In case of any challenges, please send your email query to isupporthr@kra.go.ke
If you experience any delay in receiving an email notification at the end of the e-recruitment registration process, please refresh your email. In case of any challenge, please send your query to isupporthr@kra.go.ke
Kenya Revenue Authority does not charge any fee at any stage of the recruitment process (application, shortlisting, interviewing, and/or offer)