We are pleased to announce the following Head of Department – Cyber Security within the Corporate Security Division. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below.
Reporting to the Chief Corporate Security Officer, the position holder will be responsible for all security elements within the Cyber Security Function, designing, implementing and managing sound Security controls in support of other Business Units.
The role holder will lead overall management of Safaricom’s Cyber Security Operations, which includes the following functions: Cyber Strategy & Secure By Design, Cyber Prevent & Defence Center, Managed Cyber Security Services and Cyber Security Governance Risk & Control.
- Ensure effective implementation of Security within the company, for the benefit of Strategic Business Units, ensuring that all risks are effectively managed or mitigated.
- Identify and promote industry best practice for cyber security strategy, and security risk management for Safaricom.
- Implementation, monitoring and management of security aspects of Network & IT infrastructure and applications including vulnerability assessments, penetration testing and resolutions on all technical systems.
- On a regular basis, facilitate the development and review of security infrastructure, application, people and financial plans and policies in line with Divisional and Company objectives.
- In collaboration with stakeholders, ensure adequate budget, resource and management focus on cyber security risks.
- Develop and manage a team to provide timely and comprehensive support to projects and internal business users on issues relating to IT Security.
- Development and analysis of relevant management reports on various key aspects of the section’s responsibilities
- 10+ years’ experience in a large IT environment with at least 5 years of which should be in a senior leadership position
- Minimum of 5 years focused Cyber Security management experience
- Deep technical understanding of security vulnerabilities and risks, as well as countermeasures and compensating controls
- Subject Matter Expertise (SME) in at least three (3) of the following domains: platform security, network security, application security, data security, cloud security, database security, user access management or embedded device security
- Expert knowledge in industry standard security frameworks such as ISO, GDPR, NIST, OWASP etc.
- Experience leading incident response and forensics investigations
- Executive level leadership, organizational, negotiation, communication and presentation skills required, including experience with customer and supplier contract negotiations
How to Apply