Back to jobs
CareerLink Africa

Information Risk Manager

Nairobi, KenyaFull-Time
Senior level
Posted Today

About this role

KCB Bank Kenya is seeking an experienced Information Risk Manager to lead its ICT risk function from its Nairobi headquarters. This senior role sits within the bank's technology and compliance division, overseeing risk across multiple regional subsidiaries. The successful candidate will shape policies, guide remediation, and ensure the resilience of critical banking systems.

Why Join CareerLink Africa

Partnering with CareerLink Africa gives you access to a vibrant pool of African talent and a platform that champions professional growth across the continent. Working for KCB, a leading financial institution, offers the chance to influence risk strategy at a pan‑African level while benefiting from CareerLink’s extensive network and industry insights.

What You'll Do

In this position you will be responsible for steering the bank’s information risk agenda and delivering robust assurance across projects and operations.

  • Conduct thorough reviews at each stage of the bank’s project lifecycle, confirming that delivered solutions meet the internal Project Management framework and regulatory standards.
  • Lead the analysis of IT audit findings, craft detailed remediation reports, and oversee the implementation of corrective action plans.
  • Design and maintain business continuity and disaster‑recovery procedures, ensuring time‑critical services can resume within predefined windows.
  • Develop, publish, and enforce risk‑management policies, standards and guidelines aligned with best‑practice frameworks such as COBIT, ISO/IEC 27001, NIST and ITIL.
  • Assess network architecture, recommend enhancements, and supervise the deployment of effective firewall and security configurations.
  • Manage ICT service incidents and complaints, coordinating with technical teams to achieve swift resolution.
  • Partner with the IT change‑management function to guarantee that all modifications follow controlled and documented processes.
  • Evaluate system backup strategies and disaster‑recovery capabilities, providing hands‑on support to the ICT department during recovery drills.
  • Review the bank’s Business Continuity Programme for completeness, suggesting improvements where gaps are identified.
  • Lead, mentor and develop a team of Information Risk Managers and Analysts, fostering a collaborative, high‑performing environment.
  • Prepare concise risk reports for senior leadership, translating technical findings into actionable business recommendations.

What We're Looking For

The ideal candidate combines deep technical expertise with strong leadership and communication skills.

  • A bachelor’s degree in Computer Science, Information Technology or a related discipline; a master’s degree is preferred.
  • At least eight years of hands‑on experience in information risk management, preferably within the banking or financial services sector.
  • Professional certifications such as CISA or CISM are highly desirable.
  • Proven ability to lead multidisciplinary teams and drive a culture of risk awareness.
  • Extensive knowledge of information security principles, risk‑assessment methodologies, and standards like ISO 27001, NIST, COBIT and ITIL.
  • Strong analytical mindset with a track record of identifying threats and delivering pragmatic solutions.
  • Excellent written and verbal communication skills, capable of presenting complex technical concepts to non‑technical audiences.
  • Demonstrated experience managing multiple projects simultaneously while meeting tight deadlines.
  • Interpersonal skills that enable effective collaboration with stakeholders at all organizational levels.
  • A proactive, innovative attitude that continuously seeks ways to improve the bank’s risk posture.

If you meet these qualifications and are ready to drive risk excellence for a leading African bank, submit your application through CareerLink Africa today.

Application Deadline

12 August 2026