Hazina Sacco Society Ltd was registered in 1971 under Co-operatives Societies Act (Cap 490) of the laws of Kenya as a savings and credit co-operative society.

Responsibilities or duties

• Implementing ICT security policies, procedures, and protocols to safeguard the SACCO's information assets, including databases, networks, and applications.
• Support deployment and ongoing maintenance of security controls and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), and access control mechanisms to mitigate system security risks.
• Conducting security assessments, vulnerability scans, and penetration tests to identify and remediate security gaps in the SACCO's ICT environment.
• Provide technical support for monitoring security incidents and breaches investigating root causes, and implementing incident response procedures as necessary.
• Monitor for security incidents and breaches, lead root-cause investigations, and execute incident response procedures in a timely and effective manner.
• Participate in the implementation of data encryption, backup, and recovery mechanisms to protect sensitive information and ensure business continuity.
• Stay updated on ICT security trends, emerging threats, and best practices, contributing to the enhancement of the SACCO's security posture.
• Conduct system administration functions from time to time which includes; managing system infrastructure, supporting users, safeguarding data, and maintaining system performance.

Qualifications or requirements (e.g., education, skills)

• Bachelor's degree in ICT, Computer Science or a relevant discipline from a recognized university.
• Relevant professional certifications in ICT security such as Certified Information Systems Security Professional (CISSP), Certified Information Security Management (CISM) or Certified Ethical Hacker (CEH), are preferred.
• Membership with CSK or associations related to ICT security is required.
• Technical depth Solid grounding in ICT security principles, standards, and frameworks (e.g. ISO 27001, NIST CSF).
• Systems knowledge Familiarity with database management systems, network security technologies, and security assessment tools.
• Analytical thinking Strong ability to assess complex security risks, analyse incidents, and translate findings into actionable recommendations.
• AI & emerging technology awareness Understanding of AI-related security risks including adversarial attacks, data poisoning, and model misuse as well as the use of AI-driven security tools for anomaly detection, threat intelligence, and automated incident response.
• Communication & collaboration Effective interpersonal skills to work across functions and educate staff on security best practices.
• Professionalism High attention to detail, ability to work both independently and in team settings, with a consistent commitment to delivering results.
• Adaptability Demonstrated willingness to keep pace with the evolving ICT security landscape and rapidly adopt new technologies.

Experience needed

Six (6) years experience in system security management

Any other provided details (e.g., benefits, work environment, team info, or additional notes)

Never pay for any notarisation, certificate or assessment as part of any recruitment process. When in doubt, contact us

• Implementing ICT security policies, procedures, and protocols to safeguard the SACCO's information assets, including databases, networks, and applications.
• Support deployment and ongoing maintenance of security controls and technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), and access control mechanisms to mitigate system security risks.
• Conducting security assessments, vulnerability scans, and penetration tests to identify and remediate security gaps in the SACCO's ICT environment.
• Provide technical support for monitoring security incidents and breaches investigating root causes, and implementing incident response procedures as necessary.
• Monitor for security incidents and breaches, lead root-cause investigations, and execute incident response procedures in a timely and effective manner.
• Participate in the implementation of data encryption, backup, and recovery mechanisms to protect sensitive information and ensure business continuity.
• Stay updated on ICT security trends, emerging threats, and best practices, contributing to the enhancement of the SACCO's security posture.
• Conduct system administration functions from time to time which includes; managing system infrastructure, supporting users, safeguarding data, and maintaining system performance.

• Technical depth Solid grounding in ICT security principles, standards, and frameworks (e.g. ISO 27001, NIST CSF).
• Systems knowledge Familiarity with database management systems, network security technologies, and security assessment tools.
• Analytical thinking Strong ability to assess complex security risks, analyse incidents, and translate findings into actionable recommendations.
• AI & emerging technology awareness Understanding of AI-related security risks including adversarial attacks, data poisoning, and model misuse as well as the use of AI-driven security tools for anomaly detection, threat intelligence, and automated incident response.
• Communication & collaboration Effective interpersonal skills to work across functions and educate staff on security best practices.
• Professionalism High attention to detail, ability to work both independently and in team settings, with a consistent commitment to delivering results.
• Adaptability Demonstrated willingness to keep pace with the evolving ICT security landscape and rapidly adopt new technologies.

• Bachelor's degree in ICT, Computer Science or a relevant discipline from a recognized university.
• Relevant professional certifications in ICT security such as Certified Information Systems Security Professional (CISSP), Certified Information Security Management (CISM) or Certified Ethical Hacker (CEH), are preferred.
• Membership with CSK or associations related to ICT security is required.