The Nairobi Securities Exchange (NSE) is a company licensed by the Capital Markets Authority (CMA) to facilitate the trading of financial

products through the provision of a trading platform for listed securities.

In line with this, the NSE is seeking to recruit suitably qualified, dynamic, self- motivated and results- oriented individuals to fill the following

position:

Senior Officer, Information Security

Overall Purpose

The role is responsible for planning, development and delivery of a comprehensive information security and privacy program for the NSE.

The purposes of the program include assuring that information created, acquired or maintained by NSE and its authorized users, is accessed and used in accordance with its intended purpose; to protect NSE information and its infrastructure from external or internal threats; and to assure that NSE complies with statutory and regulatory requirements regarding information access, security and privacy.

This role serves as a Technical Advisor to the NSE and is process owner on all areas of information systems security.

Key Duties and Responsibilities

• Work with key IT roles, data custodians and relevant stakeholders in the development/ enhancement of an Information Security (InfoSec) and infrastructure assurance policy;
• Champion development, enforcement and communication of InfoSec policies, standards and procedures;
• Lead the design and implementation of a layered information security architecture covering perimeter to end point;
• Proactively ensuring that the InfoSec architectures at all stages of their life cycle comply with policy and regulatory requirements, and that risks due to disruption of operations, unauthorized modification of data, destruction of computer resources and compromise or loss of information resources are minimized;
• Coordinate the development and delivery of an education and training program on InfoSec and privacy matters for employees and other authorized users so as to ensure compliance;
• Develop and implement an Incident Reporting and Response system to address any security breaches, respond to policy violations or complaints from external parties;
• Lead the implementation and testing of NSE’s recovery and business continuity plan;
• Maintain ongoing knowledge of methodologies and implements best practices in InfoSec management;
• Recommends and champions courses of action and policies that allow NSE to securely meet its organizational goals; 
• Develop and implement an ongoing risk assessment program targeting information security and privacy matters, including regular assessment and reporting on risk and information security posture;
• Lead the preparation of RFPs, bid proposals and other  documentation related to acquisition of information security infrastructure as well as negotiations with vendors, outsourcers and contractors to secure relevant products and services;
• Conduct research, recommend and enforce InfoSec best practice standards in line with globally accepted information security frameworks; and
• Perform any other duties as may be assigned from time to time.

Minimum requirements  

i) Bachelor’s degree in Computer Science, Information technology or equivalent;

ii) Minimum four (4) years’ experience in information security ,information technology or related field;

iii) Professional training/certifications in information security;

iv) Knowledge on the secure design and set up of networks;

v) Knowledge of security of relational Databases;

vi) Ability to maintain confidentiality of privileged information and  to ensure absolute discretion and sensitivity to confidential matters;

vii) Hands on experience in design and deployment of information security architectures;

viii) Working knowledge of UNIX and windows operating system environments;

ix) Working knowledge of and experience in the policy and regulatory environment of information security especially in financial markets;

x) Excellent project management, written and oral communication skills;

xi) Ability to work collaboratively with a broad range of constituencies and diverse groups of people;

xii) Working knowledge of information security best practice standards; and

xiii) Working knowledge of varied network and information security technologies, such as IDS, SIEM, UTM, Endpoint

security solutions etc. will be an added advantage.

If you are up to the challenge and can demonstrate your ability to meet the criteria given above, please submit  your application with a detailed CV stating your current position, current salary and benefits as well as your expected salary, qualifications, experience, names & addresses of three referees and email & telephone contacts together with copies of your academic and professional certificates and testimonials to the address below by close of business on

Friday 19th May, 2017.  

The Chief Executive

Nairobi Securities Exchange Limited

The Exchange, 55 Westlands Road

P.O. Box 43633-00100

NAIROBI

Email: recruitment@nse.co.ke

 Dropping Zone No. 243

Revlon Professional Plaza, 2nd Floor

Applicants who already applied for the position of Senior Officer, Information Security need not re-apply.

Only shortlisted applicants will be contacted.

NSE is an equal opportunity employer committed to ensuring diversity and gender equality. We will seek to recruit the most qualified person for the job irrespective of race, color, marital status, ethnicity, disability, religion or gender. All qualified persons are encouraged to apply.