Vacancies at World Vision Kenya

Key Responsibilities:

Data Protection and Compliance Management

• Ensure full compliance with the Data Protection Act 2019 and GDPR standards.
• Conduct Data Protection Impact Assessments (DPIAs) for new or modified data processing activities.
• Maintain an updated record of processing activities, privacy notices, and consent mechanisms.
• Coordinate compliance with Payment Card Industry Data Security Standards (PCI DSS).
• Support the organization in managing and responding to data subject rights requests within statutory timelines
• Oversee implementation of lawful data retention, archiving, and secure disposal policies
• Ensure that international data transfers comply with legal adequacy requirements and secure transfer mechanisms.
• Embed privacy-by-design principles into projects, products, and system developments.

Cyber-Security Governance, Risk, and Compliance Management

• Monitors the legal and regulatory environment for developments.
• Manages the implementation of the cybersecurity programs aimed at identification, management and remediation of threats to improve the cybersecurity posture.
• Assesses potential items of risk and opportunities of vulnerability in the network and on information technology infrastructure and applications.
• A robust, updated cybersecurity framework that is aligned with a Zero Trust paradigm, NIST CSF, CIS Critical Security Controls, Cloud Security Alliance Cloud Controls Matrix, and organizational standards.
• Proactively assess system vulnerabilities and incidents and establish mitigation procedures to minimize impact to business operations.
• Document and test security incident response plans and protocols.
• Plan and oversee periodic penetration testing, ethical hacking, and red/blue team simulations to evaluate incident preparedness.
• Monitor global threat intelligence feeds and proactively adjust defensive postures in response to emerging threats

Incident Response Management

• Lead the development and execution of incident response plans.
• Investigate and document security breaches and recommend corrective actions.
• Collaborate with legal, compliance, and ICT teams for resolution and regulatory reporting.
• Maintain a data breach register and ensure timely notification to authorities and data subjects as required.

Staff Training and Awareness

• Develop and roll out organization-wide training programs on cybersecurity and data privacy.
• Conduct regular workshops and simulated phishing assessments.
• Raise awareness on best practices in data handling, incident reporting, and digital hygiene
• Support internal departments and third parties in aligning data processing with compliance requirements.

Policy Development and Audit

• Draft and maintain ICT security policies, standards, procedures, guidelines, and playbooks.
• Lead internal and external audits for cybersecurity and data protection compliance.
• Provide inputs for organizational policy improvements and governance structures.
• Establish and track data protection performance indicators, and continuously improve internal processes based on audit findings and legal updates.                                               

Stakeholder Engagement and Reporting

• Act as the liaison with the Office of the Data Protection Commissioner and other relevant bodies.
• Provide quarterly risk and compliance reports to senior leadership.
• Contribute to cross-functional security and compliance committees.
• Support internal departments and third parties in aligning data processing with compliance requirements.

KNOWLEDGE/QUALIFICATIONS FOR THE ROLE

Required Professional experience

• Minimum 4 years' experience in cyber security and data protection privacy, advocacy and implementation (INGO/IASC/PIM humanitarian data experience will be an added advantage)
• Expertise in data protection and compliance laws, rules, regulations, risks, specifically privacy and data protection laws, rules and regulations in East Africa
• Awareness of regulatory requirements including local, international and industry standards
• Knowledge and experience in data processing and managing areas relevant to privacy and data protection (information security; data governance; third party risk management; data encryption/decryption)
• Experience with digital security awareness topics and best practices, particularly cybersecurity
• Experience with remote facilitation and training
• Experience within a legal, audit and/or risk function department
• Strong project management skills
• Ability to work well under pressure and manage sensitive and confidential information
• Excellent verbal and written communication skills, with strong attention to detail
• Great interpersonal skills and ability to work well both independently and as part of a team
• Excellent analytic and computer skills

Required Education & Certification

Bachelor’s Degree in any of the following fields; Computer Science, Information Communication Technology, Informatics, Law, Statistics or their equivalent from a recognized and accredited institution; 

Preferred Professional certifications;  

• Any Cyber-Security certifications (CompTIA or any other)
• Any data privacy certification (CISSP/ CISM or any other)

Preferred Knowledge and Qualifications

• Ability to engage at a strategic level with Office of Data Protection Commissioner officials.
• Strong budgetary and financial management skills.
• The person must be results oriented, able to handle public relations, and a team player.
• Good interpersonal, organizational and management skills.
• Ability to maintain performance expectations in diverse cultural contexts, and physical hardship conditions.
• Ability to solve complex problems and to exercise independent judgment

go to method of application »

Key Responsibilities:

Full-Stack Software Development

• Design, develop, test, and maintain web and mobile applications that support development initiatives, ensuring alignment with user needs, organizational goals, and project timelines.
• Contribute to full-stack development across the entire application lifecycle, integrating intuitive front-end interfaces with robust back-end services and secure, scalable databases.
• Design and develop APIs and interoperability solutions for integrating with third-party platforms.
• Build and optimize applications for low-bandwidth, offline-capable, and mobile-first environments.
• Write modular, maintainable, and well-documented code that adheres to internal coding guidelines and industry best practices, including the use of design patterns, version control, and code linting tools.
• Diagnose and resolve bugs and performance issues using structured approaches such as logging, unit/integration testing, profiling, and incorporating feedback from users and digital teams.
• Participate in peer code reviews and promote a culture of quality and learning, offering constructive feedback, identifying areas for improvement, and encouraging adherence to coding standards and secure development practices.

ICT4D Program Design & Implementation

• Collaborate with the integration of digital solutions into development programs by identifying opportunities where technology can enhance program efficiency, reach, and impact across thematic areas, ensuring alignment with the organization's strategic objectives.
• Provide technical input and guidance to the Digital Innovations Committee on the design and implementation of prioritized initiatives, process improvements, and broader digital transformation efforts.
• Participate in digital solution design sessions to strategically identify and address technical business and programmatic organizational needs.
• Collaborate with program teams to identify tech needs and co-create digital solutions tailored to community contexts.
• Work closely with developers, project managers, and key stakeholders to gather functional and technical requirements, contribute to solution architecture, and support the successful implementation of ICT4D interventions.

Business Support

• Provide support for knowledge management, decision-making, and programming effectiveness by ensuring efficient operations and use of information sharing, communication, and collaboration technologies.
• Responsible for managing or contributing to Digital Innovation Committee strategy sub-projects/activities, developing business processes, technical supports, and critical feedback.
• Analyze data from systems and produce dashboards, and technical and business reports for consumption by directorates, sector managers, and partners
• Proactively manage data quality and credibility in implemented systems and technologies
• Promote and support the dissemination of project information and experience sharing among the project team
• Staying abreast of ICT developments, providing recommendations based on opportunities to improve the efficiency and impact of technologies in use.

Capacity Building

• Maintain personal and professional development to meet the changing demands of the job.
• Design and implement training programs to strengthen the capacity of staff, partners, and stakeholders in ICT4D, digital literacy, and technology adoption.
• Develop and provide capacity building (training, on-the-job support) to staff and partners in ICT-related areas.
• Provide technical support and knowledge transfer to national and regional personnel, ensuring sustainable adoption and effective use of ICT solutions across programs.

KNOWLEDGE/QUALIFICATIONS FOR THE ROLE

Required Professional experience

• At least 3 years of experience in ICT solutions in the implementation of innovations, technology, and digital development programmes in the development sector and in a busy computer systems environment.

Required Education & Certification

• Bachelor's degree in computer science, Information Systems, Software Engineering, or a related field

Preferred Knowledge and Qualifications

• Proficiency in modern programming languages/frameworks (e.g., JavaScript/React/Node.js, Python/Django/Flask, Java, PHP, or Kotlin for Android).
• Experience with mobile development (Android or cross-platform tools like Flutter/React Native).
• Knowledge of DevOps practices, Git workflows, CI/CD pipelines, and cloud infrastructure (e.g., AWS, Azure, GCP).
• Solid understanding of database systems (e.g., PostgreSQL, MySQL, MongoDB).
• Strong analytical and problem-solving mindset.
• Ability to communicate complex technical concepts to non-technical audiences.
• Experience in designing business processes and implementing complex solutions in diverse thematic areas.
• Knowledge of ICT4D trends, applications, and technologies.
• Proactive, resourceful, solutions-oriented and results-oriented.
• Able to quickly research, learn, and implement new technologies.
• Able to prioritize work, multi-task, and meet deadlines.