ABOUT ONE ACRE FUND
Founded in 2006, One Acre Fund supplies 1 million smallholder farmers with the agricultural services they need to make their farms vastly more productive. Our 8,000+ team is drawn from diverse backgrounds and professions. With operations across six core countries in Africa, we make farmers more prosperous by providing quality farm supplies on credit, delivered within walking distance of farmers’ homes, and agricultural training to improve harvests. On average, our farmers harvest 50 percent more food after working with One Acre Fund.
To learn more about our work, take a look at our Why Work Here blog for more information.
ABOUT THE ROLE
This role will be focused on task execution as related to ISMS as part of organization Risk Management. It will include a combination of daily & weekly tasks to be completed, creation of comprehensive reports for review, as well as contributing to ISMS strategic planning. This role will be heavily involved in coordination and communications with departments and staff organization-wide. This role will report to the Director of Information Security.
- Exploit Awareness:Maintain catalogue of known exploits relevant to organization solutions and technologyMaintain response plan per internal IS framework to potential threats
- Maintain catalogue of known exploits relevant to organization solutions and technology
- Maintain response plan per internal IS framework to potential threats
- Staff Awareness & Training:Perform staff Information Security Awareness sessions: phishing, data storage, encryption, malware, best practices, reporting IS issues, among othersRegular communications with departments and staff on Information Security & Data Governance standards and plans
- Perform staff Information Security Awareness sessions: phishing, data storage, encryption, malware, best practices, reporting IS issues, among others
- Regular communications with departments and staff on Information Security & Data Governance standards and plans
- Data Protection:Perform IS assessments on organization solutions: cloud, virtual machines, mobile applications, API's, otherCoordinate corrective actions required to maintain compliance with internal Information Security framework, and Data Governance policies
- Perform IS assessments on organization solutions: cloud, virtual machines, mobile applications, API's, other
- Coordinate corrective actions required to maintain compliance with internal Information Security framework, and Data Governance policies
- Incident Response:Respond to incidents per internal incident response practices: potential data leaks or breaches, phishing, and malware exploitsPerform response actions: incident remediation, incident documentation, and post-incident analysis
- Respond to incidents per internal incident response practices: potential data leaks or breaches, phishing, and malware exploits
- Perform response actions: incident remediation, incident documentation, and post-incident analysis
- Report contributions:Maintain weekly reports as needed for ISMS effectiveness measurementsHelp create reports contributing to ISMS strategy: incident metrics, business continuity.
- Maintain weekly reports as needed for ISMS effectiveness measurements
- Help create reports contributing to ISMS strategy: incident metrics, business continuity.
CAREER GROWTH AND DEVELOPMENT
We have a strong culture of constant learning and we invest in developing our people. You’ll have weekly check-ins with your manager, access to mentorship and training programs, and regular feedback on your performance. We hold career reviews every six months, and set aside time to discuss your aspirations and career goals. You’ll have the opportunity to shape a growing organization and build a rewarding long-term career.
Across all roles, these are the general qualifications we look for. For this role specifically, you will have:
- 4+ years of experience in Information Security or CyberSecurity
- Have working knowledge of (ISO) International Standards Organization – as related to 27000 series
- Have working knowledge of recognized Information Security or CyberSecurity frameworks
- Strong preference for candidates with knowledge of related Data Governance and Technical Governance practices
- Strong preference for candidates with Information Security certifications
- Strong preference for candidates with experience in staff training
- Strong educational background
- Demonstrated leadership experience at work, or outside of work, enthusiasm for learning, and openness to feedback
- Ability to build teams and collaborate with colleagues from diverse backgrounds.
PREFERRED START DATE
Due to the ongoing Covid-19 pandemic, start dates can vary significantly by role. We are adapting rapidly to Covid-19 and most of our team is now working remotely. Given the changing environment, we will appreciate your flexibility in confirming a start date.
Health insurance, housing, and comprehensive benefits
SPONSOR INTERNATIONAL CANDIDATES
No; Must have existing rights to work in Kenya.
We hire on a rolling basis which means that applications are reviewed and processed on a continuous basis until a hire is made.
One Acre Fund never asks candidates to pay any money or pay for tests at any stage of the interview process. Official One Acre Fund emails will always arrive from an @oneacrefund.org address. Please report any suspicious communication here (email@example.com), but do not send applications or application materials to this email address.
Diversity, Equity, Inclusion (DEI), and anti-racism are deeply connected to our organization’s mission and purpose. One Acre Fund aspires to build a culture where all staff feel consistently valued, represented, and connected – so that our team can thrive as professionals, and achieve exceptional impact for the farmers we serve.
We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression. We are proud to be an equal opportunity workplace.