Location: Nairobi County, Kenya (On-site)

Company: Serena Hotels

Company Description:

Serena Hotels is a publicly listed hospitality company with a diverse collection of resorts, safari lodges, camps, forts, palaces, and hotels. With over 35 properties across East Africa, Southern Asia, and Mozambique, Serena Hotels offers exceptional experiences in exotic and enchanting destinations. The company has a strong focus on hospitality, tourism, business, conferences, dining, and weddings & honeymoons.

Job Description:

Serena Hotels is seeking an experienced ICT Risk Officer to join their team. As an ICT Risk Officer, you will provide continuous independent assurance of the organization’s information and systems, ensuring the confidentiality, integrity, and availability of IT systems. You will be responsible for managing ICT-related risks in compliance with the company’s ICT strategy, policies, laws, regulatory guidelines, and applicable standards.

Responsibilities:

• Conduct gap analysis of super user rights controls, recommend appropriate controls, and develop a monitoring matrix for super user activities across all business systems
• Perform quarterly and ad hoc ICT risk assessments of business systems, provide recommendations for controls, and oversee the implementation of risk mitigations
• Participate in quality assurance activities by validating the implementation of security controls before systems enter production
• Act as the Data Protection Officer, ensuring data is captured, stored, processed, and disposed of in compliance with policies and regulations
• Continuously review and improve ICT controls, prepare management and board reports
• Review systems at all levels (servers, applications, databases, network devices) to identify risks and make recommendations for risk closure
• Evaluate ICT controls for operating systems, applications, database management systems, and networks to achieve compliance requirements
• Promote information security awareness within the organization through consultation, guidance, and awareness programs
• Anticipate potential threats and vulnerabilities, provide guidance on effective responses or control measures in coordination with the ICT department
• Manage ICT risk registers, update them regularly, and monitor the implementation of mitigations
• Provide forensic data to reviewers and support project managers during the project risk management process

Requirements:

• Bachelor’s degree in Information Technology, Computer Science, Information Security, or a related field
• Relevant IT professional qualifications such as CISA and CRISC
• Minimum of 3 years of experience in a similar role
• Understanding of ICT risk and systems control processes
• Familiarity with risk methodologies and taxonomies
• Experience working in the IT function within the hospitality industry is an advantage
• Strong interpersonal and advocacy skills
• Good presentation and report writing skills

How to Apply: Interested candidates who meet the requirements should email their applications and copies of their certificates to The Human Resources Director at Jobvacancy.kenya@serenahotels.com. Please submit your application before May 31, 2023.

Join Serena Hotels and contribute to maintaining quality assurance and managing ICT risks in a dynamic and prestigious hospitality environment.