ICT Risk Specialist at CIC Insurance

Share and send to your friends !
Post a Job. Highly ranked by Alexa. Click Here to Start
  • Company: CIC Insurance
  • Location: Kenya
  • State: Nairobi
  • Job type: Full-Time
  • Job category: IT/Telecom Jobs in Kenya

CIC Insurance Group Limited, commonly referred to as CIC Group, is an insurance and investment group that operates mainly in Kenya, Uganda, South Sudan and Malawi


Monitor organization-wide compliance with information security policies and standards and proactively identify areas of emerging cyber risks and provide recommendations in liaison with the Information security officer

Primary Responsibilities
  • Work with the business to understand the day to day activities and evaluate that controls provide adequate security and compliance.
  • Monitor organization wide compliance with information security policies and standards and proactively identify areas of emerging cyber risks and provide recommendations in liaison with the Information security officer.
  • Participate in the review and development of information security policies, and related standards and guidelines, by representing the risk department in the ICT working group;
  • Perform periodic user rights reviews for staff and ICT administrators across business systems to ensure privileged access risks are controlled.
  • Monitor that data is captured, stored, processed and disposed off as per the policies. He/she should make sure that data is safeguarded and used responsibly by the data owners at various functional levels.
  • Conduct quarterly ICT Risk reviews and maintain an up-to-date ICT risk register for all the subsidiaries in CIC Insurance Group and proactively oversee implementation of risk mitigations.
  • Support the development of a risk awareness culture across the group through periodic trainings and risk awareness communicate.
  • Research on emerging ICT risks and present a quarterly report to Risk committee of management for every subsidiary.
  • Support business systems owners in the definition of information security requirements for existing and new applications and communication systems;
  • Support project managers during the project risk management process to identify project risks and treatment approaches for systems/ technology-based projects.
  • Provide expert advice on the security architecture and configuration of complex systems to the ICT department;
  • Participate in quality assurance activities by validating, or overseeing the validation of, the correct implementation of security controls before systems enter production;
  • Perform post implementation risk assessments for technology and information systems and recommend appropriate risk management controls.
  • Evaluate training and awareness programs carried out by ICT security and HR;
  • Keep abreast of developments in the field and shares security alerts with those responsible for affected operational functions;
  • Communicate ICT risks to business owners and document risk acceptance.
  • Represent the risk in the incident response team and coordinate the response to information security incidents;
  • Perform and/or oversee red teaming exercises
  • Conduct information risk assessments, identify and recommend risk mitigation measures
Person Specifications

Academic Qualifications

  • Bachelor’s degree in a related field

Professional Qualifications

  • CISA/CISM/CRM or Progress ICT Security Certifications


  • Minimum of four (4) years’ relevant experience

Method of Application

Submit your CV and Application on Company Website : Click Here Closing Date : 19th March, 2021
Architect Job, Architecture Kenyan Job Vacancies, Closing date: June 18, 2021 Background: In October and November 2019, moderate to heavy rains caused substantial flooding in low-lying areas along the Shabelle…
Microsoft Dynamics Crm System Developer Job, IT Jobs March 2021, Position: Microsoft Dynamics Crm System Developer, Location: Nairobi, Job Description The CRM System Developer will be responsible for providing technical…