Cybersecurity Manager Job Jambojet

IT Jobs. Jambojet Jobs

Role Purpose Statement

• To establish, lead, and continuously improve the organization’s cybersecurity capability by implementing governance, risk management, security operations, and compliance programs that protect the airline’s operational systems, customer data, digital platforms and technology infrastructure against cyber threats.
• The Cybersecurity Manager will drive the organization’s cybersecurity strategy and maturity roadmap while ensuring compliance with aviation, payment, privacy and information security standards including IOSA, PCI DSS, ISO 27001, GDPR and the Kenya Data Protection Act.
• The role is responsible for embedding cybersecurity across the organization through proactive risk management, incident response, security monitoring, awareness and collaboration with business and operational teams.

Key Responsibilities:

• Strategy & Governance: Develop and implement the organization’s cybersecurity strategy, maturity roadmap, and policies aligned with business objectives, ISO 27001, and NIST frameworks.
• Risk Management: Lead the identification, assessment, and monitoring of cyber risks across systems, infrastructure, and airline operational environments, maintaining the enterprise cyber risk register.
• Regulatory Compliance & Audits: Coordinate internal/external audits and drive compliance initiatives for aviation and data standards including IOSA, PCI DSS, ISO 27001, GDPR, and the Kenya Data Protection Act.
• Third-Party Risk Management: Oversee vendor security reviews, technology due diligence, and ensure cybersecurity requirements are embedded into procurement processes.
• Incident Response & Crisis Management: Lead cybersecurity incident detection, containment, and recovery activities, while maintaining response plans and crisis management processes.
• Security Operations & Monitoring: Coordinate the management of security technologies (SIEM, EDR, Firewalls, Identity & Cloud Security) and monitor emerging sector-specific cyber threats.
• Vulnerability Management: Oversee proactive vulnerability assessments, penetration testing, and the tracking of technical remediation activities to closure.
• Business Continuity: Ensure robust secure backup systems, disaster recovery protocols, and business continuity controls are implemented and regularly tested.
• Security Architecture: Review and approve security requirements for new systems, applications, and cloud environments to ensure security-by-design principles are met.
• Access Control & Hardening: Support secure configuration management, hardening standards, Segregation of Duties (SoD), and Privileged Access Management (PAM).
• Data Privacy Protection: Implement data protection controls for handling sensitive customer, employee, and operational data in collaboration with Legal, HR, and Audit teams.
• Reporting & Metrics: Establish cybersecurity governance reporting structures and deliver regular risk updates and management dashboards to senior leadership.
• Culture & Awareness: Drive enterprise-wide cybersecurity awareness training, mentor technical teams, and foster a shared culture of security responsibility.

Qualifications:

• Education: Minimum of a Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field from a recognized institution.
• Experience: Minimum of 5 years’ experience in cybersecurity, information security, IT risk or technology governance, with at least 3 years in a supervisory or leadership role. Experience in aviation or financial services is highly preferred.
• Certifications: Professional cybersecurity certifications (e.g., CISSP, CISM, CISA, CRISC, CEH, ISO 27001 Lead Implementer/Auditor, Security+, or PCI DSS credentials) are an added advantage.

How to Apply

Click here to apply