DATABASE AND IT SECURITY ANALYST

DEPARTMENT: ICT

REPORTS TO: IT Manager

Branch: Head Office – Westland

PRIMARY PURPOSE:

1. To drive operational efficiency through the unified management and optimization of the organization’s data and security infrastructure.
2. To strengthen system reliability, resilience, and disaster recovery capabilities while maintaining a robust cybersecurity posture.
3. To ensure full compliance with the Insurance Regulatory Authority (IRA) guidelines, industry best practices, and internal governance standards.
4. To minimize system downtime, data loss, and vulnerability to security threats through proactive monitoring, risk mitigation, and continuous improvement initiatives.

SPECIFIC RESPONSIBILITIES:

Cybersecurity Leadership

1. Drive execution of the institution’s cybersecurity strategy and ensure effective implementation across departments.
2. Design, implement, and maintain enterprise security architecture and control mechanisms.
3. Develop and test the cybersecurity incident response framework.
4. Advise management and the board on cyber risk trends, vulnerabilities, and mitigation priorities.
5. Conduct vulnerability assessments and coordinate responses to incidents.
6. Oversee vendor cybersecurity compliance and manage third-party risk assessments.
7. Lead staff awareness and training initiatives to strengthen cyber hygiene.

Database Administration

1. 1. Install, configure, and maintain database management systems.
   2. Monitor database performance, optimize queries, and ensure high availability.
   3. Perform regular backups, restores, and disaster recovery drills.
   4. Implement database security policies and access controls.
   5. Design and maintain schemas, indexes, and stored procedures.
   6. Manage data replication, archiving, and purging strategies.
   7. Provide technical support to developers and business units.
   8. Maintain documentation of database configurations, processes, and performance metrics.

Compliance

1. 1. Ensure compliance with IRA and relevant ICT security standards.
   2. Develop and maintain ICT security and data management policies.
   3. Support internal and external audits by providing evidence of control effectiveness.

PERSON SPECIFICATIONS

Academic Qualifications

• Bachelor’s degree in computer science or related area.

Professional Qualification

• Certification in IT security professional qualifications i.e., CISSP, CISA/CISM/CEH, CompTIA Security+, or other relevant security certifications.
• Oracle Database Administration certification—Oracle Certified Professional (OCP)

Experience

• At least 5 years’ experience in Security and Database administration with strong technical knowledge of database, network and operating systems security.

Required Skills and Attributes

• Strong understanding of diverse security frameworks, methodologies, and processes, with hands-on experience in implementing technical security solutions such as firewalls, intrusion detection and prevention systems (IDS/IPS), and endpoint protection tools.
• In-depth knowledge of TCP/IP protocols, network architecture, and network/security applications, with the ability to analyze, monitor, and troubleshoot network traffic for performance and security optimization.
• Practical experience in conducting penetration testing, vulnerability assessments, and security audits, including interpreting findings and implementing effective remediation measures.
• Comprehensive awareness of emerging cybersecurity threats, attack vectors, and threat intelligence sources, ensuring proactive defense and timely incident response.
• High level of integrity and confidentiality.
• Excellent interpersonal and communication skills.
• Good analytical skills and attention to details.

HOW TO APPLY

Interested candidates can apply through the link https://recruitment.geminia.co.ke/ . Job Application, to reach us on or before Friday, 21^st November 2025. The application should include a cover letter demonstrating how you meet our requirements and details of your current