Information Risk Manager
2026-07-10T16:02:06+00:00
KCB Bank Kenya
https://cdn.greatkenyanjobs.com/jsjobsdata/data/employer/comp_8992/logo/kCB.png
https://ke.kcbgroup.com/
FULL_TIME
Nairobi
Nairobi
00100
Kenya
Finance
Computer & IT, Management, Business Operations
2026-07-24T17:00:00+00:00
8
Background information about the job or company (e.g., role context, company overview)
Looking for an IT job in Kenya? KCB Bank is hiring an Information Risk Manager skilled in cybersecurity governance, information risk assessment, IT compliance auditing, and data security management.
Responsibilities or duties
Carry out reviews along the various phases of a project’s lifecycle as detailed in the bank’s Project Management framework to ensure that all delivered systems comply;
Provide guidance in resolving IS audit findings and lead the development of reports and corrective action plans;
Provide guidance for the Resumption and Recovery of time sensitive business operations in accordance with pre-established timeframes as well as ensuring that adequate plans are in place for the less time sensitive business operations;
Develop and implement Risk Management Policies, procedure, standards and guidelines based on best practice benchmarking COBIT, ISO/IEC 270001, NIST, ITIL and other relevant standards;
Review and recommend appropriate security enhancement of our network by evaluating network design and ensure implementation of effective firewall security policies;
Manage incidents and complaints about ICT Services;
In liaison with IT ensure effective change management process is in place;
Review and evaluate system backup and disaster recovery standards for the bank, follow up on the implementation and provide support to ICT Department to ensure quick recovery in the event of disaster;
Reviewing the Business Continuity Programme for effectiveness and completeness and recommend appropriate action;
Reviewing System Security Configurations for effectiveness and recommend appropriate settings;
Lead and mentor a team of Information Risk Managers and Analysts, fostering a collaborative and high-performing environment.
Conduct comprehensive reviews and provide independent assurance on projects, cybersecurity, and governance initiatives.
Offer objective and insightful recommendations to enhance the bank’s information systems and ICT infrastructure.
Ensure the bank’s data and systems are secure and compliant with industry standards and regulations.
Stay updated with emerging technologies and trends, identifying potential risks and opportunities for the bank.
Collaborate with various departments to understand their information risk needs and provide tailored solutions.
Develop and implement risk assessment frameworks and methodologies to identify and mitigate potential risks.
Prepare and present risk reports to senior management, offering clear and actionable insights.
Build and maintain strong relationships with internal stakeholders and external partners to ensure effective risk management.
Stay informed about industry best practices and contribute to the bank’s overall risk management strategy.
Qualifications or requirements (e.g., education, skills)
Bachelor’s degree in Computer Science, Information Technology, or a related field, with a Master’s degree preferred.
Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) certification is an advantage.
Strong knowledge of information security principles, risk assessment methodologies, and industry standards.
Excellent leadership and mentoring skills, with the ability to inspire and develop a high-performing team.
Analytical mindset with a problem-solving approach, able to identify risks and propose effective solutions.
Effective communication skills, both written and verbal, to present complex information to diverse audiences.
Ability to work independently and manage multiple projects simultaneously, ensuring timely delivery.
Strong interpersonal skills to build relationships and collaborate with stakeholders at all levels.
A proactive and innovative mindset, constantly seeking opportunities to enhance the bank’s information risk management practices.
Experience needed
Minimum of 8 years of experience in information risk management, with a proven track record of leading teams.
- Carry out reviews along the various phases of a project’s lifecycle as detailed in the bank’s Project Management framework to ensure that all delivered systems comply;
- Provide guidance in resolving IS audit findings and lead the development of reports and corrective action plans;
- Provide guidance for the Resumption and Recovery of time sensitive business operations in accordance with pre-established timeframes as well as ensuring that adequate plans are in place for the less time sensitive business operations;
- Develop and implement Risk Management Policies, procedure, standards and guidelines based on best practice benchmarking COBIT, ISO/IEC 270001, NIST, ITIL and other relevant standards;
- Review and recommend appropriate security enhancement of our network by evaluating network design and ensure implementation of effective firewall security policies;
- Manage incidents and complaints about ICT Services;
- In liaison with IT ensure effective change management process is in place;
- Review and evaluate system backup and disaster recovery standards for the bank, follow up on the implementation and provide support to ICT Department to ensure quick recovery in the event of disaster;
- Reviewing the Business Continuity Programme for effectiveness and completeness and recommend appropriate action;
- Reviewing System Security Configurations for effectiveness and recommend appropriate settings;
- Lead and mentor a team of Information Risk Managers and Analysts, fostering a collaborative and high-performing environment.
- Conduct comprehensive reviews and provide independent assurance on projects, cybersecurity, and governance initiatives.
- Offer objective and insightful recommendations to enhance the bank’s information systems and ICT infrastructure.
- Ensure the bank’s data and systems are secure and compliant with industry standards and regulations.
- Stay updated with emerging technologies and trends, identifying potential risks and opportunities for the bank.
- Collaborate with various departments to understand their information risk needs and provide tailored solutions.
- Develop and implement risk assessment frameworks and methodologies to identify and mitigate potential risks.
- Prepare and present risk reports to senior management, offering clear and actionable insights.
- Build and maintain strong relationships with internal stakeholders and external partners to ensure effective risk management.
- Stay informed about industry best practices and contribute to the bank’s overall risk management strategy.
- Cybersecurity governance
- Information risk assessment
- IT compliance auditing
- Data security management
- Risk Management Policies development and implementation
- Network security evaluation
- Incident management
- Change management process oversight
- System backup and disaster recovery evaluation
- Business Continuity Programme review
- System Security Configurations review
- Leadership and mentoring
- Independent assurance provision
- Risk assessment frameworks development
- Risk reporting to senior management
- Stakeholder relationship management
- Industry best practices awareness
- Bachelor’s degree in Computer Science, Information Technology, or a related field
- Master’s degree preferred
- Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) certification is an advantage
- Strong knowledge of information security principles, risk assessment methodologies, and industry standards
- Excellent leadership and mentoring skills
- Analytical mindset with a problem-solving approach
- Effective communication skills, both written and verbal
- Ability to work independently and manage multiple projects simultaneously
- Strong interpersonal skills
- Proactive and innovative mindset
JOB-6a51177e13912
Vacancy title:
Information Risk Manager
[Type: FULL_TIME, Industry: Finance, Category: Computer & IT, Management, Business Operations]
Jobs at:
KCB Bank Kenya
Deadline of this Job:
Friday, July 24 2026
Duty Station:
Nairobi | Nairobi
Summary
Date Posted: Friday, July 10 2026, Base Salary: Not Disclosed
Similar Jobs in Kenya
Learn more about KCB Bank Kenya
KCB Bank Kenya jobs in Kenya
JOB DETAILS:
Background information about the job or company (e.g., role context, company overview)
Looking for an IT job in Kenya? KCB Bank is hiring an Information Risk Manager skilled in cybersecurity governance, information risk assessment, IT compliance auditing, and data security management.
Responsibilities or duties
Carry out reviews along the various phases of a project’s lifecycle as detailed in the bank’s Project Management framework to ensure that all delivered systems comply;
Provide guidance in resolving IS audit findings and lead the development of reports and corrective action plans;
Provide guidance for the Resumption and Recovery of time sensitive business operations in accordance with pre-established timeframes as well as ensuring that adequate plans are in place for the less time sensitive business operations;
Develop and implement Risk Management Policies, procedure, standards and guidelines based on best practice benchmarking COBIT, ISO/IEC 270001, NIST, ITIL and other relevant standards;
Review and recommend appropriate security enhancement of our network by evaluating network design and ensure implementation of effective firewall security policies;
Manage incidents and complaints about ICT Services;
In liaison with IT ensure effective change management process is in place;
Review and evaluate system backup and disaster recovery standards for the bank, follow up on the implementation and provide support to ICT Department to ensure quick recovery in the event of disaster;
Reviewing the Business Continuity Programme for effectiveness and completeness and recommend appropriate action;
Reviewing System Security Configurations for effectiveness and recommend appropriate settings;
Lead and mentor a team of Information Risk Managers and Analysts, fostering a collaborative and high-performing environment.
Conduct comprehensive reviews and provide independent assurance on projects, cybersecurity, and governance initiatives.
Offer objective and insightful recommendations to enhance the bank’s information systems and ICT infrastructure.
Ensure the bank’s data and systems are secure and compliant with industry standards and regulations.
Stay updated with emerging technologies and trends, identifying potential risks and opportunities for the bank.
Collaborate with various departments to understand their information risk needs and provide tailored solutions.
Develop and implement risk assessment frameworks and methodologies to identify and mitigate potential risks.
Prepare and present risk reports to senior management, offering clear and actionable insights.
Build and maintain strong relationships with internal stakeholders and external partners to ensure effective risk management.
Stay informed about industry best practices and contribute to the bank’s overall risk management strategy.
Qualifications or requirements (e.g., education, skills)
Bachelor’s degree in Computer Science, Information Technology, or a related field, with a Master’s degree preferred.
Certified Information Systems Auditor (CISA) or Certified Information Security Manager (CISM) certification is an advantage.
Strong knowledge of information security principles, risk assessment methodologies, and industry standards.
Excellent leadership and mentoring skills, with the ability to inspire and develop a high-performing team.
Analytical mindset with a problem-solving approach, able to identify risks and propose effective solutions.
Effective communication skills, both written and verbal, to present complex information to diverse audiences.
Ability to work independently and manage multiple projects simultaneously, ensuring timely delivery.
Strong interpersonal skills to build relationships and collaborate with stakeholders at all levels.
A proactive and innovative mindset, constantly seeking opportunities to enhance the bank’s information risk management practices.
Experience needed
Minimum of 8 years of experience in information risk management, with a proven track record of leading teams.
Work Hours: 8
Experience in Months: 12
Level of Education: bachelor degree
Job application procedure
Application Link:Click Here to Apply Now
All Jobs | QUICK ALERT SUBSCRIPTION