New Job Opportunities at Gulf African Bank | Apply June 2025

Manager, Information Security and Data Protection

Job purpose

The Manager, Information Security and Data Protection will be responsible for steering the organization towards full compliance with the provisions of the Kenya Data Protection Act 2019 and any other related data protection/privacy laws. The role holder will support the design and implementation of information security controls (people, process and technology) across the Bank.

The role holder will also support the Bank’s Business Continuity and Disaster Recovery plans, ensuring that essential services are available to the business and customers in the event of any unforeseen disruption, within the agreed service levels (RPO and RTO).

Key Responsibilities

  • Data Protection and Privacy – facilitate data privacy through transparent data protection policies, procedures and systems. Additionally, the role shall:
  • Act as point of contact with any supervisory authorities and internal teams on data processing-related issues
  • Identify and evaluate the organization’s data processing activities.
  • Provide guidance in conducting Data Protection Impact Assessments (DPIAs).
  • Inform and advise the organization (data controller/data processor) and employees involved in data processing of their obligations to comply with the Data Protection Act and other applicable regulations.
  • Monitor compliance with the Data Protection Act, as well as internal policies related to various data protection activities, including awareness, training, and internal audits.
  • Co-operate with the Kenya Data Commissioner and any other authority on matters relating to data protection.
  • Information Security Management System (ISMS) Benchmarking with industry best practice/standards.
  • Provide support in the bank’s drive to align to best practices (COBIT, ISO 27001, PCI DSS, CIS etc.), while enshrining these with the relevant policies and practices.
  • Regulatory Compliance – keep up-to-date with regulatory guidelines (e.g. CBK prudential guidelines etc.) affecting information technology, information security, risk management and continuously update the organization’s policies, standards and procedures.
  • Risk & Audit Management
  • Support on planning and conducting risk assessments – covering people, processes and technology as per the bank’s risk management framework.
  • Support the bank’s third-party risk management process ensuring compliance with internal policies as well as regulatory requirements.
  • Play a liaison role for internal and external audits on matters of information security and data protection.
  • Track and report on audit and risk findings.
  • Manage the Information Security Awareness program across the organization and with external stakeholders, including awareness trainings, tools and reporting.
  • Business Continuity and Disaster Recovery Planning.

Support the bank’s Business Continuity and Disaster Recovery Planning through:

  • Business Impact Assessments (BIAs).
  • BCM Risk Assessment.
  • BCM Plans.
  • Call Tree Updates & Simulation testing.
  • IT DR Planning.
  • IT DR Testing.
  • BCM Tests – Branches & HQ Units.
  • Information Security Assurance Requirements
  • System user access management – maintain a robust program for system user access management.
  • Vulnerability management – ensure vulnerability scanning and reporting is done as per the bank’s policy.
  • Secure configuration – document and maintain standards for hardening systems to comply with global information security best practices.
  • Endpoint protection – evaluate and maintain adequate controls to detect and respond to malicious activities.
  • Logging and monitoring – provide oversight for the bank’s SOC function.
  • Incident response – support the development and testing of applicable incident response playbooks as well as offer guidance to SOC analysts in responding to real incidents as may be identified.
  • Business projects assurance – provide information security and data protection compliance assurance to business projects to ensure that any new products, services, channels and other changes introduced meet the information security and data protection compliance thresholds.

Knowledge and experience

  • Bachelor’s Degree in Information and Communication Technology (ICT), Information Systems, Computer Science, Information Security or related field required.
  • Data Protection training/certification.
  • Certified Information Security Manager (CISM) or ISO/IEC 27001 Lead Implementer Certificate.
  • Certified Information Systems Auditor (CISA) or ISO/IEC 27001 Lead Auditor Certificate.
  • Cybersecurity Technical training/certification. Certification in at least one of these areas: Ethical Hacking, CCNA, API Security, Cloud Security.
  • Business Continuity Management certification would be an added advantage.
  • Project Management certification e.g. PRINCE2 Practitioner would be an added advantage.
  • IT Service Governance certification e.g. ITIL would be an added advantage.
  • At least 5 years’ experience in Information Security or IT Governance, with at least 2 years handling data protection compliance in a managerial role.
  • At least 3 years’ experience conducting information security risk assessments or IT governance and assurance/compliance assessments in an organization.
  • Experience in the design, implementation and support of cybersecurity solutions e.g. SIEM, DAM, Vulnerability Management tools, Endpoint Protection tools, FIM, NAC, PAM etc.
  • In-depth understanding of information security best practice & compliance standards.
  • Experience in audit management and reporting.
  • Knowledge of relevant CBK Prudential Guidelines and laws applicable to data protection and privacy.
  • Prior experience working within a financial service organization will be an added advantage.

Skills and competencies

Technical Competencies:

  • Knowledge to develop and manage Data Protection strategy and policy framework.
  • Knowledge of the Kenya Data Protection Act (2019) and related laws as well as applicable CBK Prudential Guidelines on data protection and privacy.
  • Technical skills to effectively perform IS security management activities/tasks in a manner that consistently achieves established quality standards or benchmarks. This includes management of key processes like vulnerability/patch management, logging and monitoring, access control, endpoint protection, threat detection and response, secure configuration etc.
  • Knowledge to develop and manage Business Continuity and Disaster Recovery plans and processes.
  • Knowledge and effective application of all relevant banking policies, processes, procedures and guidelines to consistently achieve required compliance standards or benchmarks.
  • Knowledge and application of modern IS security management practices and best practice compliance standards in financial services industry, to proactively define and implement security quality improvements in line with technological and product changes.
  • Performance management to optimise personal and team productivity.
  • Management and regulatory reporting.

Behavioural Competencies:

  • Interpersonal skills to effectively communicate with and manage expectations of all team members and other stakeholders who impact performance.
  • Self-empowerment to enable development of open communication, teamwork and trust that are needed to support true performance and customer-centric culture.
  • Demonstrable integrity and ethical practices.


Credit Analyst, SME

Job Purpose:

  • To prepare independent analysis of SME credit reviews and submit summary of analysis for credit review.
  • To support the SME segment asset book growth within acceptable PAR tolerance levels to ensure the product remains profitable.

Key Responsibilities:
Operations

  • Check completeness of documents submitted by the Relationship Managers or Branch Managers.
  • Inform the Branch/Relationship manager of any document missing (according to the checklist).
  • Regularly analyze the risk profile of the bank’s credit facilities portfolio by product, by sector. Assign risk grades for each portfolio type following the guidelines in the bank’s credit policy manual.
  • Review inward cheques report and excesses daily reports to ensure that they are appropriately sanctioned and therefore safeguard the bank from financial loss from unauthorized extension of credit.
  • Timely analysis of credit applications while ensuring that good quality of the financing assets is achieved.
  • Preparation of various management Reports.
  • Review of credit policy and updating it in line with changes in the financing environment.
  • Review of new and existing products as per bank guidelines.

Compliance:

  • Ensure compliance with both internal and external regulatory requirements.
  • Review and ensure compliance with facilities' approved conditions.
  • Ensure compliance with Credit policies and procedures at all times.
  • Ensure compliance with set SLAs at all times.

Other

  • Safeguard and promote the bank’s image with the general public.

Requirements

Qualifications and Experience:

  • Bachelor’s degree in an Analytical/Business related field
  • CPA or relevant professional qualification.
  • 5 years’ banking experience in a lending function with at least 3 years in credit analysis.
  • Experience or sound understanding of credit risk and the techniques of financial analysis
  • Proficiency in use of relevant MS office applications

Competencies Required for this Role:

  • Knowledge of relevant lending products
  • Strong credit analytical skills including business plan analysis, numerical and financial analysis and interpretation
  • Key understanding of regulatory and legal environment
  • Problem Solving skills
  • Analytical and methodical skills
  • Excellent Communication skills.
  • Decision making skills
  • Organizing skills
  • Communication skills

Submit Your Application

Use the link(s) below to apply on company website.
