We Go Places! How about you?

Location: Kiambu
Function: Digital & Technology
Sub Function: Digital & Technology - Operations
Type of Contract: Permanent
Closing Date: 21-05-2025

 

Join KWAL and be a part of something bigger, as we accelerate excellence as a proud member of the HEINEKEN global family.  While we unlock new opportunities and shape the next chapter of our journey, KWAL is embedding a high-performing, agile business driven by innovation and purpose. If you're energized by transformation and inspired to make a meaningful difference, this is your moment to lead change and grow with a business that’s going places – fast!

 

Job Purpose

This position is responsible for implementation and support of the global cyber security strategy based on the applicable cyber security framework, to reduce the risk of a cyber security incident according to the risk appetite of HEINEKEN and KWAL. Additionally, raise wider cyber security awareness in KWAL.

 

Main Responsibilities

Security Operations

Assist with the implementation of the global security standards and procedures by KWAL, D&T and Supply chain teams. Assist the operational cyber security teams in the design of controls, standards and procedures that have broad implications, requiring systems integration of one or more technical platforms Assist with risk reviews using the risk management procedure for all new local programs/services to be deployed in the KWAL operational environment and help veto programs which do not comply with HEINEKEN’s security standards. Assist with compliance assessments of the KWAL OpCo versus the Information Security Standard (ISS) by testing the ISS controls as detailed in the Information Security Procedure (ISP) Being an ICT and PCD Security Advisor for KWAL in their remit for any IT security breach or new initiative. Assist with digital investigations upon request of Local OpCo/HR or Legal teams.
 

Business Continuity (BC) and Disaster Recovery (DR)

Assist with the development and annual review/testing of functional DR/BCP plans  Interrogate and review DR and BCP plans for all D&T programmes Coordinate with other teams to mitigate and resolve security incidents. Respond to security incidents and conduct thorough investigations.
 

Vulnerability Management

Perform regular vulnerability assessments and penetration testing. Identify and prioritize vulnerabilities based on risk. Work with IT teams to remediate identified vulnerabilities. Analyze and interpret security logs to identify potential threats and vulnerabilities. Monitor security alerts and events from various sources. Conduct threat intelligence research to stay updated on emerging threats.
 

Security Policy and Compliance

Ensure compliance with relevant security standards and policies. Assist with the annual review process. Assist with the development of PCD security, D&T policies, procedures and standards
 

Security Awareness

Assist with ICT and PCD Security Awareness campaigns within KWAL.  Conduct security awareness training for employees. Assist with defining, designing and deploying ongoing educational assets to improve security across KWAL.
 

Reporting and Documentation

Prepare detailed reports on security incidents, vulnerabilities, and mitigation efforts. Maintain accurate and up-to-date documentation of security processes and procedures.
 

Minimum Required Qualifications, Knowledge and Experience

Academic Qualifications

Bachelor’s degree in computer science, Information Security or relevant field.

 

Professional Qualifications

IT Security certifications for e.g. CISSP - Certified Information Systems Security Professional, Certified Ethical Hacker or equivalent. CompTIA Security+, Microsoft Certified Systems Administrator – Security, CCNP or related.  FortiGate certification or equivalent Fortinet certifications.

 

Experience 

At least 3 years’ experience in a similar role and 3+ years in cyber security, handling security incidents, and auditing. Experience in global security control or operations, including implementing and managing security frameworks like the NIST Cybersecurity Framework.
 

Competencies

Technical Competencies

Familiarity with the latest ICT technology and compliance requirements. Exhibit creativity in developing new ideas, approaches, and solutions to address challenges and enhance ICT processes and systems. Proficient in managing data lifecycle processes, ensuring data integrity, and generating accurate and timely reports to support decision-making. Skilled in integrating various applications and systems to ensure seamless data flow, enhance functionality, and improve overall efficiency. Demonstrate expertise in managing and maintaining databases, ensuring data security, performance, and availability to support organizational needs. Proficient in identifying, assessing, and mitigating ICT risks, ensuring the organization’s technology infrastructure is secure and resilient. Skilled in implementing and maintaining data security measures, ensuring the protection of sensitive information and compliance with regulatory requirements.

 

Behavioural Competencies

Demonstrate a commitment to enhancing processes and performance. Continuously seeks new opportunities to enhance products and services.  Demonstrate a deep commitment to understanding and meeting customer needs.  Employ logical reasoning and critical analysis to evaluate information and make sound decisions.  Encourage innovative ideas and approaches to improve products and processes. 
 

 

Kenya Wine Agencies Limited (KWAL) was incorporated in 1969 and over the years KWAL has become a leading East African beverage champion in the manufacturing, exporting and importation of a wide range of alcoholic and non-alcoholic beverages. KWAL is a HEINEKEN OpCo.