CISOC Analyst at KCB Bank Kenya

KEY RESPONSIBILITIES

• Monitor user and system activity to identify suspicious activities leveraging on security systems
• Monitor network activity and investigate anomalous events and traffic trends
• Check security monitoring status of systems on monitoring tools and initiate remediation of noted gaps
• Monitor alerts and alarms from security monitoring tools and initiate corrective actions
• Configure and fine tune security monitoring systems to make sure the bank is sufficiently protected
• Administer security tools ensuring optimal uptime and resource utilization
• Investigate suspicious user and system events and identify breaches and root cause.
• Mitigate intrusion attempts through proactive response to incidents
• Prepare manual and scheduled reports for various stakeholders
• Research and stay up to date on technology and cybersecurity trends

DAILY RESPONSIBILITIES

• Monitor event logs from various systems (firewalls, email, web and DNS, databases, etc.) to identify suspicious activities or attacks, intrusions, and unusual, unauthorised, or illegal activity
• Perform incident drilldowns and investigations and escalate validated incidents to designated incident response teams
• Follow up on security incidents with relevant support teams and ensure timely resolution
• Administer the performance, resource utilisation and overall health of the Bank’s security monitoring tools
• Prepare and circulate SOC management reports and dashboards

MINIMUM POSITION QUALIFICATION REQUIREMENTS

Academic and Professional

Education 

• Bachelor’s  Degree BSc. Information Technology / Computer  Science / Cybersecurity / Engineering  (Electrical, Electronic) or related field  RQ 

Professional  Certifications 

• Certified SOC Analyst (CSA)/ 
• Certified Incident Handler (E|CIH)/ 
• Certified Threat Intelligence Analyst (CTIA)/ 
• Certified Information Systems Security 
• /Professional (CISSP)/ 
• Certified Ethical Hacker (CEH)/ 
• PENTEST+ 
• Security+ 
• Certified Information Systems Auditor  (CISA) 
• Certified Information Security Manager (CISM)  RQ 

Particulars  Detail  Specific Field or Qualification  Need Type

• Any vendor-specific SIEM certification 
• (Splunk, QRadar, LogRhythm, ArcSight, AlienVault, etc.)  AA  
• Any vendor-specific information security certification  AA 
• Master’s Degree  MBA / MSc Cybersecurity / Information 
• Systems Security / IT Security / IT  AA 

Experience

Total Minimum Number of Years of IT Experience Required 

• 2 Years

Detail  Minimum No. of Years  Need Type

• Experience in Cybersecurity  1  ES 
• Experience in System/ Network/ Database or 
• Cloud Platform Administration, or Application Development 1  DE