Information Security Manager Job at Twiga Foods

Information Security Manager Job at Twiga Foods… See details on how to apply for the opportunities available at Twiga Foods.


Twiga is a mobile-based supply platform for Africa’s retail outlets, kiosks, and markets stalls.


  • Creating and managing security strategies
  • Develop and publish Information Security and data privacy policies and processes that encourage secure working and protect data.
  • Lead implementation of information security policies/processes across the Twiga digital/cloud environment in collaboration with stakeholders from tech and various departments.
  • Actively liaise with the development team to ensure a secure architecture.
  • Actively liaise with third-party vendors to ensure all initiatives are successfully delivered as per mandate.
  • Plan and manage information security budget.

Risk Management

  • Oversee regular information risk identification, assessment and mitigation activities with business and technology teams
  • Investigate and analyse existing cloud structures and create new and enhanced security methods that will enhance the security of
  • cloud-based environments.
  • Responsible for identifying, defining and implementing appropriate security controls for our cloud applications and systems.
  • Assess current technology architecture for vulnerabilities, weaknesses and for upgrades and/or improvement.

Security Incident Management

  • Monitor security incidents on Technology services and systems.
  • Track security resolution incidents and anomalies.
  • Lead incident response for minor/major/critical incidents in collaboration with relevant stakeholders.

Security Training & Awareness

  • Provide information security awareness training to organization personnel.
  • Communicate information security goals and new programs effectively with other department managers within the organization
  • Serve as a focal point of contact for the information security team within the organization and externally to vendors.

Budget Development and monitoring

  • Developing and reviewing the budget and costs under cyber security scope of work & identify areas for cost savings.
  • Reviewing vendor implementation contracts to ensure Twiga gets value for money.

Disaster Recovery

  • Manage and configure physical/cloud security, disaster recovery and data backup systems.
  • Develop a BCP guideline to ensure information security standards are maintained.


  • Model Twiga’s culture and way of working
  • Drive the achievement of the performance objectives set for the team. Hold monthly 1-on-1 performance reviews with reports, and follow up corrective action where performance falls below expectation.
  • Proactively manage own and team learning and development
  • Ensure team adheres to the agreed annual leave plan
  • Ensure team adheres to people management policies


  • Comply with all organization policies, procedures, and statutory guidelines. Minimize and mitigate risks to the organization and enforce zero-tolerance to non-compliance.
  • Close gaps/lapses identified as an outcome of audits; risk and/or any other compliance review; investigations; or other assessment mechanisms and take corrective/preventive actions within the agreed timelines.

Minimum Qualifications & Requirements:

  • Bachelor’s degree in computer science or Computer Engineering or relevant education.
  • Relevant industry certifications (e.g., CEH, CISSP, CISA, ITIL) are an added advantage.
  • 7 years relevant experience
  • Information security risk management
  • Implementation of cloud-based information security controls
  • Training and awareness on information security
  • Vulnerability management
  • Must be well versed in Active Directory, VPN systems, encryption schemas and algorithms, various authorization and authentication mechanisms/software, network monitoring and sniffing, TCP/IP networks and vulnerability and threat management tools (including network-based scanners).
  • Must be versed in GCP suite and how to secure it
  • Thorough understanding of cryptographic primitives and their underlying principles.
  • Thorough understanding of networking protocols, such as TCP/IP.

Leave a Reply Protection Status