Company Name: Kenya Revenue Authority (kra)
Job Type: Full Time
The Kenya Revenue Authority (KRA) was established by an Act of Parliament, Chapter 469 of the laws of Kenya , which became effective on 1st July 1995 . The Authority is charged with the responsibility of collecting revenue on behalf of the Government of Kenya. A Board of Directors, consisting of both public and private sector experts, makes policy decisions to be implemented by KRA Management. The Chairman of the Board is appointed by the President of the Republic of Kenya . The Chief Executive of the Authority is the Commissioner General who is appointed by the Minister for Finance. PURPOSE OF KRA Assessment , Collection, Administration and Enforcement of laws relating to revenue.
Department: Corporate Support Services
Division: Information and Communication Technology
Location / Work Station: Nairobi
- This role is responsible for formulating and implementing best practice strategies to manage information security and cyber risks in the Authority.
- Formulate information security strategies to manage information and cyber risks hence protecting revenue and KRA reputation
- Coordinate the development and implementation of the KRA information security policies
- Coordinate the implementation and maintenance of Information Security Management System (ISMS) based on ISO27001 and best practice.
- Coordinate monitoring and surveillance of KRA IT resources to detect and deter cyber attacks
- Ensure confidentiality, integrity and availability of information as well as ensure non- repudiation of electronic transactions in the Authority.
- Oversee the design, acquisition, implementation and operation of information security tools for the protection of KRA information
- Coordinate the design, implementation and review of information security controls in systems, infrastructure and processes to protect KRA information and revenue.
- Provide information security advisories on acquisition and implementation of technology and third party integrations involving/requiring information exchange.
- Oversee development and implementation information security awareness programme across the organization.
- Provide support to relevant departments in information security investigative incidences.
- Day-to-day operations, supervision, management of performance and development of staff in the unit
- A Bachelor’s Degree in Computer Science or related field from a recognized institution.
- Must have at least two of the following security certifications in CEH/CHFI/ECIH/CISSP/ISO 27001 or in relevant information security solutions certification
Relevant Work Experience
- Minimum of five (5) years’ relevant work experience, with at least two (2) years’ experience at entry-level management or a similar role in a large or busy organization.
Technical Skills Required
- Experience in information security solution design or Strategy development
- Knowledge in IT risk management
- Knowledge in Vulnerability Management
- Knowledge in Data protection
- Experience in the Information Security management System (ISMS)
- Experience in cyber security threat Analysis or incident management
- Experience in Project Management
- Leadership and people management skills
- Good decision-making capabilities
- Good planning and organizational skills
- Excellent communication and presentation skills
- Good negotiation, delegation and interpersonal skills
- Professional networking
- Resilient, focused and results-oriented