The Insurance Regulatory Authority of Kenya (IRA) is the sole authority charged with regulation and supervision of the insurance industry within the Republic of Kenya. It ensures compliance by insurance/reinsurance companies, protects consumers and promotes a high degree of security for policyholders.

REF: MICT/08

Purpose

The position is responsible for developing and implementing strategy, policies based on the IRA strategic plan and business needs to achieving quality performance and resource management.

The duties and responsibilities entail:

Managerial / Supervisory Responsibilities

• Manage the development of ICT strategy, policies, and operational plans in line with the Authority’s Strategic Plan;
• Formulate the development of the departmental work plans and approved budgets;
• Develop and manage the performance management in the department;
• Preparation of monthly, quarterly and annual reports for the department;
• Lead in the establishment, management and maintenance of a robust ICT infrastructure and information systems that comply with legal and regulatory, requirements and best practices to support achievement of Authority’s mandate;
• Coordinate the management of confidentiality, availability and integrity of the Authority’s information, data and information systems;
• Develop the Authority’s annual Operating and Capital budgetary requirements;
• Review the management of the security of the Infrastructure and Information systems;
• Develop, implement and maintain the Business Intelligence and Information Repository tools to support analytics for effective decisions making;
• Develop the implementation plans for ICT projects on behalf of the Authority;
• Develop departmental board papers in liaison with the Senior Manager, Information Communication & Technology;
• Formulate the implementation plan for the board resolutions;
• Development and implementation effective disaster recovery and business continuity mechanisms for the Authority;
• Prepare and manage the ICT departmental risks and performance;
• Develop and implement departmental quality management systems and standards;
• Formulate the planning, analysis, automation and of the Authority’s business processes and workflows;
• Develop and implement mechanism for continuous upgrades of the Authority’s business systems and applications;
• Develop the human resource needs for the department in liaison with the Senior Manager, Information Communication & Technology;
• Prepare the ICT related procurement needs for the Authority;
• Organise the auditing and other compliance related activities within the Department;
• Manage the provision of user support to the Authority’s Directorates and departments;
• Develop appropriate backup and security procedures and guidelines ideal to safeguard the Authority’s ICT installations, systems and databases against violations;
• Plan and implement appropriate training programme for the Authority’s users on ICT systems;
• Develop and implement a mentoring, coaching and appraising programme for the departmental staff;
• Develop and implement standard operating procedures for ICT operations are set;
• Validate and approve the technical, systems and user documentations after they have been updated;
• Validate the Information Communication Technology equipment inventory and initiate their replacement as necessary;
• Reviewing and recommending approval of the feasibility studies and reports for systems implementation;
• Coordinate the designing and maintenance of the Local Area Network (LAN), Virtual Private Networks (VPN) and Wide Area Network (WAN);
• Maintenance of the ICT infrastructure, Systems and other related services;
• Liaise with the other departments in the implementation of change management initiatives;
• Validate and advise on any new system changes before installation in the production environment.
• Design the security aspects within the Local Area Network (LAN), Virtual Private Networks (VPN) and Wide Area Network (WAN).

Operational Responsibilities / Tasks

• Develop and implement ICT policies and procedures for effective and efficient use of ICT services throughout the Authority;
• Develop mechanisms to ensure the Authority’s ICT assets and information systems are secure from ICT related risks like unauthorized access to information, data corruption or integrity loss, degraded processing capability, and poor service levels;
• Organise the review, testing and evaluation of systems to determine their efficiency, reliability, compatibility and relevance;
• Implement relevant statutory regulations and standards;
• Develop management reports, proposals and any other relevant documents for review by the Senior Manager;
• Providing technical input in ICT project and other committees
• Identify security gaps within the infrastructure, systems and databases and coordinate their resolution;
• Train staff on security matters and creating general awareness on cyber security on regular basis;
• Analysis of the Antivirus databases, assessing the emerging threats and ensuring that the appropriate patches and updates are done;
• Review the security measures of the systems and testing of the same before deployment of the same

Persons Specifications

• Masters degree in Computer Science or IT, Information Systems or related field;
• Bachelor’s Degree in Computer Science or IT, Information Systems or related field;
• Nine (9) years relevant working experience
• Professional qualifications in any two of the following:
• CISA/CISM/CRISC/CEH/CISSP/MCSE/MCITP/CCNA/Project Management Certification;
• Member of a relevant professional body
• Management Course lasting not less four (4) weeks
• Supervisory Course for not less than two (2) weeks;
• Meets the provisions of chapter six of the constitution

Competencies and skills

• Strong communication and reporting skills;
• Strong analytical and numerical skills;
• Strong organization and interpersonal skill;
• Mentoring, coaching and leadership skills;
• Conflict management; and
• Ability to work under pressure, prioritize and multi-task.