Information Security Associate

You will focus on information security management (ISMS) task execution as part of the organization's risk management. This will include daily & weekly tasks, creation of comprehensive reports, and contributions to ISMS strategic planning.

Job overview

Career Level


Kenya was our founding country of operation, and it remains our largest in terms of both numbers of clients and staff.

About One Acre Fund

Founded in 2006, One Acre Fund supplies 1 million smallholder farmers with the agricultural services they need to make their farms vastly more productive. Our 8,000+ team is drawn from diverse backgrounds and professions. With operations across six core countries in Africa, we make farmers more prosperous by providing quality farm supplies on credit, delivered within walking distance of farmers’ homes, and agricultural training to improve harvests. On average, our farmers harvest 50 percent more food after working with One Acre Fund. 

To learn more about our work, take a look at our Why Work Here blog for more information.

About the Role

This role will be focused on task execution as related to ISMS as part of organization Risk Management. It will include a combination of daily & weekly tasks to be completed, creation of comprehensive reports for review, as well as contributing to ISMS strategic planning. This role will be heavily involved in coordination and communications with departments and staff organization-wide. This role will report to the Director of Information Security.


  • Exploit Awareness:
    • Maintain catalogue of known exploits relevant to organization solutions and technology
    • Maintain response plan per internal IS framework to potential threats
  • Staff Awareness & Training:
    • Perform staff Information Security Awareness sessions: phishing, data storage, encryption, malware, best practices, reporting IS issues, among others
    • Regular communications with departments and staff on Information Security & Data Governance standards and plans
  • Data Protection:
    • Perform IS assessments on organization solutions: cloud, virtual machines, mobile applications, API's, other
    • Coordinate corrective actions required to maintain compliance with internal Information Security framework, and Data Governance policies
  • Incident Response:
    • Respond to incidents per internal incident response practices: potential data leaks or breaches, phishing, and malware exploits
    • Perform response actions: incident remediation, incident documentation, and post-incident analysis
  • Report contributions:
    • Maintain weekly reports as needed for ISMS effectiveness measurements
    • Help create reports contributing to ISMS strategy: incident metrics, business continuity.

Career Growth and Development

We have a strong culture of constant learning and we invest in developing our people. You’ll have weekly check-ins with your manager, access to mentorship and training programs, and regular feedback on your performance. We hold career reviews every six months, and set aside time to discuss your aspirations and career goals. You’ll have the opportunity to shape a growing organization and build a rewarding long-term career.


Across all roles, these are the general qualifications we look for. For this role specifically, you will have:

  • 4+ years of experience in Information Security or CyberSecurity
  • Have working knowledge of (ISO) International Standards Organization – as related to 27000 series
  • Have working knowledge of recognized Information Security or CyberSecurity frameworks
  • Strong preference for candidates with knowledge of related Data Governance and Technical Governance practices
  • Strong preference for candidates with Information Security certifications
  • Strong preference for candidates with experience in staff training
  • Strong educational background with minimum of a Bachelor's Degree.
  • Demonstrated leadership experience at work, or outside of work, enthusiasm for learning, and openness to feedback
  • Ability to build teams and collaborate with colleagues from diverse backgrounds.

Preferred Start Date

Due to the ongoing Covid-19 pandemic, start dates can vary significantly by role. We are adapting rapidly to Covid-19 and most of our team is now working remotely. Given the changing environment, we will appreciate your flexibility in confirming a start date.

Job Location

Nairobi, Kenya


Health insurance, housing, and comprehensive benefits


This role is only open to citizens or permanent residents of Kenya. 

Application Deadline

We hire on a rolling basis which means that applications are reviewed and processed on a continuous basis until a hire is made.

One Acre Fund never asks candidates to pay any money or pay for tests at any stage of the interview process. Official One Acre Fund emails will always arrive from an address. Please report any suspicious communication here (, but do not send applications or application materials to this email address.

Diversity, Equity, Inclusion (DEI), and anti-racism are deeply connected to our organization’s mission and purpose. One Acre Fund aspires to build a culture where all staff feel consistently valued, represented, and connected – so that our team can thrive as professionals, and achieve exceptional impact for the farmers we serve.

We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, marital status, disability, gender, gender identity or expression. We are proud to be an equal opportunity workplace.

Subscribe to our newsletter

Once a month, you'll receive a roundup of our latest news and job opportunities. 

Help us personalize your experience by telling us a little about yourself.