The Kenya Revenue Authority (KRA) was established by an Act of Parliament, Chapter 469 of the laws of Kenya , which became effective on 1st July 1995 . The Authority is charged with the responsibility of collecting revenue on behalf of the Government of Kenya. A Board of Directors, consisting of both public and private sector experts, makes policy decisions to be implemented by KRA Management. The Chairman of the Board is appointed by the President of the Republic of Kenya . The Chief Executive of the Authority is the Commissioner General who is appointed by the Minister for Finance. PURPOSE OF KRA Assessment , Collection, Administration and Enforcement of laws relating to revenue.

Purpose of the job

Management of cyber security surveillance operations, analysis and resolution of identified ICT threats and incidents in the 24/7 IT Security Operations Centre (SOC). 

Key Responsibilities of the job

• Administration of 24/7 cyber security within KRA’s IT infrastructure
• Identification, investigation and remediation of internal and external IT cyber security threats
• Management and analysis of Information security logs.
• Review cyber security data sets & reports received from the National Cyber Incident Response Team and other sources.
• Implementation of IT security best practices, policies and monitoring KPIs
• Ensure conformity to ISO (9001/2015 and 27001/2013) and data security requirements.
• Management of Performance, Audit and Integrity programmes

Requirements

Academic qualification:

• Bachelor’s degree in Computer Science, Management Information Systems, Information Technology or any other related field from a recognized university.
• Post Graduate degree in IT related field is an added advantage.

Professional Qualifications

• Certification in any of the following; Certified Ethical Hacking (CEH), Certified Hacking Forensic Investigator (CHFI), Certified Incident Handler (ECIH) or any relevant information security solutions certification
• Membership in a recognized IT related professional body. 

Work experience:

• Minimum four (4) years’ experience in IT related systems security in a large or busy organization with at least one (1) year in a supervisory role.
• Experience in cyber security operations, security testing and incident management.
• Experience in penetration testing and vulnerability management skills.
• Computer forensics and analysis skills.

Key Competencies:

• Resilience, Focus, result oriented and a team player
• Strong analytical, diagnostic, decision making and problem solving skills
• Attention to details and ability to work under minimum supervision.
• Proactivity and strong interpersonal skills