SENIOR CYBERSECURITY OFFICER

ABOUT THE COMPANY

The Insurance Regulatory Authority is a statutory government agency established under the Insurance Act (Amendment) 2006, CAP 487 of the Laws of Kenya to regulate, supervise and develop the insurance industry. It is governed by a Board of Directors which is vested with the fiduciary responsibility of overseeing operations of the Authority and ensuring that they are consistent with provisions of the Insurance Act.

JOB SUMMARY

JOB TITLE: Senior Cybersecurity OfficerDIRECTORATE: Directorate of SupervisionDEPARTMENT: Cybersecurity SupervisionGRADE/LEVEL: IRA 6IMMEDIATE SUPERVISOR: Principal Cybersecurity OfficeSpecific PesrsonsThree (3) years cumulative relevant work experience, three (3) years of which should have been at the grade of Cybersecurity Officer or in a comparable and relevant position.Bachelor’s degree in any of the following: Electrical Engineering, information technology, information systems security, software engineering, or equivalent qualification from a recognized institution.Certificate in either of the following ICT/Cybersecurity professional qualifications:Cisco Certified Network Associate (CCNA);Certified Information Systems Auditor (CISA);Certified Information Security Manager (CISM);Certified Information Systems Security Professional (CISSP);Certified Ethical Hacker (CEH);Any other equivalent qualification from a recognized institution.Membership to a relevant professional body where applicable and in good standing.

RESPONSIBILITIES

Job SpecificationsThe duties and responsibilities will entail:Developing and implementing policies, strategies, and standards for insurance industry Cybersecurity framework.Researching on new and emerging technological and regulatory trends in relation to Cybersecurity management.Gathering and disseminating technical information on cyber security incidents, vulnerabilities, security fixes and other security information, as well as issuing alerts and warnings.Handling and analysing cybersecurity incidents under supervision.Coordinating cybersecurity analysis and forensic investigations.Implementing and managing cybersecurity systems.Participating in SOC operations and providing technical monitoring and analysis.Preparing insurance industry cybersecurity posture reports.Coordinating cybersecurity advocacy, awareness, and capacity building in the insurance industry.Monitoring effectiveness of cybersecurity systems.Reviewing backup schedules of cybersecurity monitoring and management systems.Liaising with other SOCs, and industry stakeholders on matters of Cybersecurity monitoring and management.Preparing specifications for acquisition of cyber security systems.Assisting in implementation of cybersecurity systems.Implementing the Critical Infrastructure Protection (CPI) framework.Supporting implementation and monitoring of CIP requirements and contributing to CIRT documentation.Providing input for the development, monitoring implementation and regular review of the insurance industry Cybersecurity Policies.Competencies and skillsCommunication skillsInterpersonal skillsAnalytical skillsReport writing skillsPresentation skillsConflict management skillsNegotiation skillsHOW TO APPLYThe interested applicants to submit their applications online by filling the form provided on the IRA website.All applications must be received by close of business at 5.00 pm on Monday, 16th February, 2026.COMPLIANCE REQUIREMENTIn accordance with The Employment (Amendment) Act, 2022, the Authority will require candidates it will enter into a written contract of service with to comply with Chapter Six of the Constitution by submitting mandatory compliance and clearance certificates from the relevant entities.Insurance Regulatory Authority is an Equal Opportunity Employer committed to diversity, gender equality and persons with disabilities (PWDs) are encouraged to apply. Any form of canvassing will lead to automatic disqualification and only shortlisted candidates will be contacted for interviews.IRA IS ISO 9001:2015 CERTIFIED

REQUIRED SKILLS

Information security, Risk analysis, System and network security, Fraud risk assessment and management, Risk management

REQUIRED EDUCATION

Bachelor's degree