Senior Officer – Information Security

Reference Number: CPF/SOIS/3/26

Position Overview

  • Directorate/Division: Human Resources and Administration
  • Section/Dept/Unit: Information Systems Administration
  • Location: CPF House (HQ)
  • Reports to: Manager, Information Systems Administration
  • Direct Reports: Officer, Information Systems Administration
  • Job Grade: JG7

Role Summary

The Senior Officer, Information Security is responsible for supporting the Group’s Information Security function. This includes providing strategic oversight for security operations, managing 24/7 monitoring activities, and leading incident response. The role is central to ensuring effective risk management, compliance, and the coordination of recovery processes across the entire Group.

Key Responsibilities

  • Operations Leadership: Lead and supervise security monitoring/SOC, threat detection, and incident response operations on a 24-hour basis.
  • Policy Management: Support the development, implementation, and maintenance of information security policies, standards, and procedures.
  • Risk & Testing: Conduct risk assessments and vulnerability analyses, while supporting penetration testing initiatives.
  • Resilience: Oversee and support backup integrity, disaster recovery planning, and the execution of business continuity strategies.
  • Reporting: Prepare periodic security reports featuring actionable recommendations for leadership.
  • Collaboration: Coordinate with regulators, auditors, and cybersecurity service providers.
  • Mentorship: Supervise and mentor other officers within the department.
  • General Duties: Perform any other duties as assigned.

Qualifications & Experience

  • Education: Bachelor’s degree in IT, Cybersecurity, Computer Science, or a related discipline.
  • Certification: Must hold at least one professional certification such as CISSP, CISM, CEH, or Security+.
  • Experience: A minimum of 4–6 years of experience in cybersecurity, including demonstrated leadership in SOC or incident response environments.
  • Technical Knowledge: Strong understanding of security frameworks, including ISO 27001, NIST, and COBIT.

Application Procedure (A)

If you’re ready to take the leap, here is how to apply:

  • Deadline: All applications must be submitted by 14th April 2026 at 5:00 pm EAT.
  • Submission Email: Send your application and CV to resourcing@cpf.or.ke.
  • Requirements: Ensure your email or cover letter quotes the position title and reference number in the subject line. You must include your CV, contact email, daytime telephone contacts, current position and remuneration, and the names/addresses of three referees.

Application Procedure (B)

If you’re ready to take the leap, here is how to apply:

  • Deadline: All applications must be submitted by 14th April 2026 at 5:00 pm EAT.
  • Submission Email: Submit your application via the form provided below.
  • Requirements: Ensure your email or cover letter quotes the position title and reference number in the subject line. You must include your CV, contact email, daytime telephone contacts, current position and remuneration, and the names/addresses of three referees.

Note: CPF Group is an equal opportunity employer; however, keep it professional – canvassing will lead to automatic disqualification. Only short-listed candidates will be contacted.

Apply for this position

Allowed Type(s): .pdf