IT Officer – Information Security at Plan International – Nairobi, Kenya

ROLE PURPOSE
Plan International is an independent children’s rights and humanitarian organisation that works to help children live a life free from poverty, violence and injustice.

We actively unite children, communities and others who share our mission to create positive, lasting change in the lives of children and young people. We support children to gain the skills, knowledge and confidence they need to claim their rights to a fulfilling life, today and in the future. We focus specifically on girls and women, who are most often left behind.
For over 85 years, we have been building powerful partnerships for children and are now active in more than 80 countries.

The Shared Services Centre is a Centre of Excellence located in the MEESA region, established to help clients improve their operational effectiveness i.e. COs, RH and GH. The centre aims to provide reliable, efficient and effective service to clients at a competitive price. The ultimate goal is to be reliable, predictable and dependable to our clients at all times and to ensure a commitment to quality and excellent turnaround times in all our service provision.

The IT Officer – Security is responsible for ensuring the security of Plan International’s information systems and data. This role includes developing, implementing and maintaining security protocols, procedures and policies to protect the organization’s digital assets from cyber threats and vulnerabilities.

RESPONSIBILITIES

1. Security Management
• Develop, implement and maintain comprehensive IT security policies and procedures.
• Conduct regular security assessments, vulnerability testing, and risk analysis to identify and mitigate potential security threats.
• Monitor and manage security tools and systems to protect the organization’s network, systems and data.

2. Incident response
• Develop and implement an incident response plan to address security breaches and cyber attacks.
• Coordinate and manage the response to security incidents, including investigation, containment, and recovery.
• Conduct a post-incident analysis to determine the root cause and implement measures to prevent recurrence.

3. Security awareness and training
• Develop and deliver security awareness training programs for personnel to promote information security best practices.
• Create and maintain security-related documentation, including user guides, policies and procedures.
• Provides guidance and support to staff on security-related issues and best practices.

4. Compliance and Reporting
• Ensure compliance with relevant security standards, regulations and policies (e.g. GDPR, ISO/IEC 27001).
• Conduct regular audits and assessments to ensure compliance with security policies and procedures.
• Prepare and present security reports to management highlighting risks, incidents and recommendations for improvement.

5. Implementation of technical security
• Implement and manage security measures such as firewalls, intrusion detection/prevention systems (IDS/IPS), anti-virus software, and encryption tools.
• Manage access controls, including user rights and authentication mechanisms.
• Perform regular security updates and patch management to ensure systems are up-to-date and secure.

6. Collaboration and support
• Collaborate with IT team members and other departments to ensure security measures are integrated into all IT projects and initiatives.
• Provide technical support and troubleshoot security issues.
• Stay up to date with the latest security trends, technologies and best practices to continually improve the organization’s security.

7. Protection (5%)
• Ensure that Plan International’s global Safeguarding Policy and PII Policy for preventing sexual harassment, exploitation and abuse; and gender equality and inclusion are fully embedded in accordance with the principles and requirements of the Policy, including relevant implementation standards and guidelines as applicable to their area of ​​responsibility. This includes, but is not limited to, ensuring that staff and associates are aware of and understand their responsibilities under this Policy and Plan International’s Code of Conduct (CoC), their relevance to their area of ​​work, and that concerns are reported and managed in accordance with appropriate procedures.

TECHNICAL EXPERTISE AND KNOWLEDGE
• Bachelor’s degree in information technology, computer science, cybersecurity, or a related field.
• Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+, ISO 27001 Certified) are highly desirable.
• Minimum 3-5 years of experience in IT security, including security policy development, risk management and incident response.
• Experience with security technologies and tools such as firewalls, IDS/IPS, anti-virus software and encryption tools.
• Knowledge of security frameworks and standards (e.g. ISO/IEC 27001, NIST).
• Experience in a non-profit organization or the international development sector is a plus.

Skills and competencies:
• Strong technical skills in IT security, including knowledge of network security, application security and data protection.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Ability to work independently and in a team.
• Strong organizational and time management skills.
• High degree of integrity and confidentiality.

Personal qualities:
• Strong commitment to Plan International’s mission and values.
• Ability to work under pressure and multi-task.
• Proactive and self-motivated with a mindset of continuous improvement.
• High level of attention to detail and accuracy.

Required languages:
• Excellent written and oral communication skills in English.

Click on the following link to view the full job description:

IT Officer – Information Security.pdf

Location: Nairobi, Kenya
Closing date: August 10, 2024

Equality, diversity and inclusion are at the heart of everything Plan International stands for.

We want Plan International to reflect the diversity of the communities we work with and to provide equal opportunities for all, regardless of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, gender or sexual orientation.

Plan International is built on a culture of inclusivity and strives to create a working environment where every team, in every office and in every country is rich in diverse people, thoughts and ideas.

We foster an organizational culture that centers our commitment to racial justice, gender equality, girls’ rights and inclusion.

Plan International believes that in a world where children face so many threats of harm, it is our duty to ensure that we as an organisation do everything we can to keep children safe. This means that we have specific responsibilities to children we come into contact with and that we must not contribute to harming or endangering children in any way.

A number of pre-employment checks are carried out in line with Plan International’s Safeguarding Children and Young People policy. Plan International also participates in the Inter Agency Misconduct Disclosure Scheme. In line with this scheme, we will request information from previous employers of applicants about findings of sexual exploitation, abuse and/or harassment during employment, or incidents which are investigated when the applicant leaves employment. By submitting an application, the applicant confirms that they understand these recruitment procedures.

Disclaimer: Plan International is an equal opportunities employer and does not discriminate on any grounds.
We do not charge job seekers any fees at any time during the application process.