Information Security Specialist

  • Added Date: Tuesday, 21 January 2020
  • Deadline Date: Saturday, 21 March 2020


Founded in 2006, One Acre Fund supplies smallholder farmers with the agricultural services they need to make their farms vastly more productive. We provide quality farm supplies on credit, delivered within walking distance of farmers’ homes, and agricultural trainings to improve harvests. We measure our success by our ability to make farmers more prosperous: On average, farmers harvest 50 percent more food after working with One Acre Fund.

We are growing quickly. We currently serve more than 800,000 farm families in Eastern and Southern Africa, with more than 7,500 full-time staff, and we aim to serve 1 million farm families by 2020.


This is a Junior role which will be focused on task execution as related to ISMS as part of organization Risk Management. It will include a combination of daily & weekly tasks to be completed, creation of comprehensive reports for review, and contributing to ISMS strategic planning. You will be heavily involved in coordination and communications with departments and staff organization-wide. You will report to the Director of Information Security.

Responsibilities will include:

Data Protection:

  • Maintain organization solution/software catalogue (SAM), and asset catalogue (ITAM)
  • Perform scheduled IS assessments on organization solutions: cloud, virtual machines, mobile, other
  • Coordinate corrective actions required to comply with internal Information Security policy and Data Governance framework

Staff Awareness & Training:

  • Perform staff Information Security Awareness sessions: phishing, data storage, encryption, malware, best practices, reporting IS issues, other (travel required)
  • Regular communications with departments and staff on Information Security & Data Governance standards and plans

Incident Response: (CSIRP)

  • Respond to incidents per internal incident response practices: potential data leaks or breaches, phishing, malware exploits, other
  • Perform comprehensive response actions: incident remediation, incident documentation, and post-incident analysis

Exploit Awareness:

  • Maintain catalogue of known exploits relevant to organization solutions and technology
  • Maintain response plan per internal IS framework to potential threats

Report contributions:

  • Maintain weekly reports as needed for ISMS effectiveness measurements
  • Help create reports contributing to ISMS strategy: incident metrics, business continuity


We have a strong culture of constant learning and we invest in developing our people. You’ll have weekly check-ins with your manager, access to mentorship and training programs, and regular feedback on your performance. We hold career reviews every six months, and set aside time to discuss your aspirations and career goals. You’ll have the opportunity to shape a growing organization and build a rewarding long-term career.


  • 3+ years of experience in Information Security or CyberSecurity
  • Must have working knowledge of (ISO) International Standards Organization – as related to 27000 series
  • Must have working knowledge of recognized Information Security or CyberSecurity frameworks
  • Strong preference for candidates with knowledge of related Data Governance and Technical Governance practices
  • Strong preference for candidates with Information Security certifications
  • Strong preference for candidates with experience in staff training
  • Strong educational background; [degree in relevant field preferred].
  • Demonstrated leadership experience at work, or outside of work, enthusiasm for learning, and openness to feedback.
  • Ability to build teams and collaborate with colleagues from diverse backgrounds.
  • Language: English required in all locations. French required for Burundi placement. Other notable and useful languages are Swahili, Kinyarwanda, Kirundi, Chichewa, Amharic.




Commensurate with experience.


Health insurance and paid time off


No; must have existing rights to work in Kenya

One Acre Fund never asks candidates to pay any money or pay for tests at any stage of the interview process. Official One Acre Fund emails will always arrive from an address. Please report any suspicious communication here (, but do not send applications or application materials to this email address.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression. We are proud to be an equal opportunity workplace.

Please apply here:

Recommended for you