Cellulant Governance, Risk and Compliance Officer Job in Kenya 2019

Governance, Risk and Compliance Officer

Cellulant is the leading one-stop digital payments company in Africa, for Africa by Africans; providing the glue connecting everyone to everything, every day.

To do this we are looking for qualified, passionate, dynamic and vibrant people to drive our strategy and agenda.

Role Context: As a professional in the Information Security Governance, Risk and Compliance field, you should have a solid understanding of IT security technologies, including network and application security, firewalls, access management, and data protection.

Its customers include Software Developers, Hub Engineers, Implementation Engineers, the Infrastructure team and Service Management. These information security tasks aim to enforce / maintain confidentiality, integrity and availability of Cellulant’s information.

Duties and Responsibilities

  • Own and advance existing security risk management practice & tools in line with external best practices, leading security frameworks, and legal requirements, and act as a functional lead to people involved in the security risk management activities.
  • Develop, deliver, and continuously update Cellulant policies and procedures based on industry frameworks and regulatory requirements (e.g., ISO 27001, PCI DSS, GDPR), including the maintenance of Cellulant’s Information Security Management System (ISMS).
  • Assist with ISMS internal audits and internal security process reviews to verify the effectiveness of our security control environment. Manage the associated continuous improvement process.
  • Build bridges across the global enterprise and bring together various parts of the organization around common security and privacy processes through the use of networking, tools, and communication channels
  • Partner with business stakeholders to ensure alignment of information security and privacy with business strategy
  • Develop and maintain a third-party risk assessment program, working with Cellulant’s business and technology teams
  • Manage the security awareness program that educates all personnel on information security and privacy requirements
  • Holistically and continuously identify security risks that might impact our success or reputation, or compromise our assets. Work with and across the organization as needed to ensure that appropriate strategies are implemented and executed to mitigate significant risks.
  • Ensures continual alignment to the business and IT strategy through oversight of the Information Security Risk Management framework and processes.
  • Executes, maintains, and oversees the procurement and implementation of GRC tools with the goal of improving efficiency, reducing costs, improving agility and optimizing information technology governance, risk and controls management processes, while providing the business a more defined view into technology risk.
  • Understands the business organizational structure and culture to best attain objectives and results.
  • Plan and execute respective risk management activities.
  • Prepare and deliver high quality internal risk reporting for the executive leadership, supervisory board members, and other leaders in the organizations as needed.
  • Manage ongoing engagement, issues resolution and information sharing on all risk relevant topics driving effective response plans across the enterprise, including with developers, product, and service teams.
  • Monitor security and privacy activities and report on compliance practices within assigned products and service teams to relevant parties.
  • Provide any additional support as required by the Head of Information Security and Risk.

Professional Qualifications:

Knowledge / Skill / Ability:

  • 3+ years’ experience of working in an information security role, with a good understanding of information security risk assessments.
  • Experience of working in an ISO27001 certified environment, including experience of external certification audits.
  • Familiarity with security frameworks and various compliance requirements (e.g. ISO27001, PCI DSS, GDPR)
  • Security standards and policy development experience.
  • Experience of completing third party assurance reviews.
  • ISMS internal audit and security review experience.
  • Communicate effectively through written and verbal means to co-workers and senior leadership and effectively manage multiple tasks simultaneously, coordinating and ensuring scheduled goals are met.
  • Experience conducting information security investigations and remediation.
  • Experience with security technology and processes used to defend an international enterprise network.
  • Experience analyzing business or technical problems and proposing and implementing solutions.
  • Excellent verbal and written communication skills; a self-managed / self-driven individual.
  • Experience of developing and delivering security training and awareness material for staff.
  • Able to convey complex and technical information in a simple and straightforward manner, to non-technical stakeholders.
  • Ability to deal with changing priorities and multi-task several projects.

Send your CV in PDF, email subject: Governance, Risk and Compliance Officer to jobs@cellulant.com before April 15th 2019.

Only shortlisted candidates will be contacted.