Senior Manager, Security Architecture & Engineering at NCBA Group

Job Description

Job Purpose Statement

The Senior Manager, Cyber Security Architecture and Engineering is responsible for designing and implementing cybersecurity tools to mitigate cyber risks and ensure compliance with industry standards and regulations. The tools implemented will cover critical systems such as Mshwari, Mokash, MPAWA and LOOP apps in Kenya, Uganda, Ghana, Tanzania, Rwanda and Ivory Coast. The focus areas will include Network, Application, Database and Operating system among others. The role will drive continuous tuning and administration of the implemented solutions.

The role will also lead Technology Security Research and Development in modern technologies such as cloud computing, containerization, AI, and Quantum computing. They will develop security engineering best practices for a fast paced and agile based digital banking environment.

Key Accountabilities (Duties and Responsibilities)

Architecture & Governance 30%

The role will be a member of the Technology Enterprise Architecture Board that will be responsible for reviewing and approving of technology initiatives.
They will develop security architecture best practices and ensure they incorporated in the implementation of technology systems.
Periodically benchmark and review the security architecture in line with best practice and business strategy.
Security Engineering 40%

The role will lead planning, design and implementation of Technology security tools in alignment to the defined best practices.
This role will ensure administration, and support of technology security tools.
They will maintain an up-to-date inventory of Information Security systems and their licenses.
Research & Development 20%

Lead research on emerging technologies such as cloud, AI, and Quantum computing to identify applicable threats and their mitigations.
Lead automation of cyber processes and risk mitigation.
Ensure attendance of research & innovation sessions with other teams such as Digital Engineering and Enterprise architecture.
People & Leadership 10%

Leadership and performance management for direct reports. Conduct regular feedback and objective end of year reviews.
Coordinate and manage resources and vendors to support investment in Technology Security.
Direct and supervise the team members and vendors assigned to the department.
Job Specifications

Academic:

University degree, in Computer Science or technical field.
Professional:

Information security certifications e.g. CISSP/CISM/CISA/CEH
Information Technology certifications are desirable: ITIL, COBIT, TOGAF, PRINCE2, ISO, Cloud technology.
Strong understanding of common best practices, frameworks, and regulations (ISO 27001, ISO22301, OWASP, MITRE ATT&CK, CIS, etc).
Experience in implementing security solutions such as IPS, SIEM, DLP, AD, DAM, PKI etc.
Desired work experience:

At least 7 years’ experience in Information Technology management, 3 of which should have been in a management capacity in a similar sized organization having led successful IT transformation projects and/or initiatives.