Jobs Career Advice Signup

Send this job to a friend


Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Jun 2, 2023
    Deadline: Jun 16, 2023
  • Never pay for any CBT, test or assessment as part of any recruitment process. When in doubt, contact us

    Kenya Commercial Bank Limited is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya - incorporated with effect from January 1, 2016 - and all KCB's regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. It als...
    Read more about this company


    Cybersecurity Analyst DevSecOps

    Key Responsibilities

    • Represent Group Information Security in assigned implementation projects and scrum teams to ensure all applications and changes meet set information security requirements before introduction to production environments.
    • Contribute to the definition, documentation, and implementation of software security policies, secure coding practices and guidelines for the bank in line with industry best practices and technologies commensurate with risk and regulatory requirements. 
    • Consistently provide security requirements to developers and third parties to adhere to and comprehensively implement the Bank’s software security assurance framework by carrying out security and risk assessments of application and software changes.
    • Collaborate with Enterprise Architecture and Business Application Development teams to identify application/software security improvements and plug-in identified security controls in DevSecOps tools.
    • Contribute to formulation and conducting of regular trainings on secure coding, software security and application security practices for the development and other KCB technology teams at regular intervals.
    • Contribute to the identification, integration, and maintenance of application security tools, such as SAST (Static Application Security Testing) and DAST tools (Static/Dynamic Application Security Testing), standards, and processes into the software development or product life cycle (SDLC / PLC), and CI/CD pipelines.
    • Perform security and risk assessments for business solutions to identify inherent security risks and provide recommendations for addressing such risks.
    • Create, and deliver software/application security compliance and testing reports and relevant metrics to the Bank’s Senior Management.
    • Collaborate in the continuous monitoring and defence of the Bank’s critical applications, such as core banking, and digital channels, for cybersecurity threat indicators; report on violations and security measures taken to address threats.
    • Protect the bank’s applications and systems by defining and reviewing access privileges and other security control structures.

    The Person

    For the above position, the successful applicant should have the following:

    • Bachelors Degree in Information Technology/ Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field.
    • Any one certification from the list: Information Security certification in either CISA/ CISSP/ Security+/ Information Security Testing/ DevSecOps certification in either CDP (Certified DevSecOps Professional)/ CSSLP (Certified Secure Software Lifecycle Professional)/CEH, OSCP/ CPT/ GPEN/ GWAPT.
    • 3 years' Technology experience with at least 1 year in Information Security.
    • Strong Application Security knowledge, experience within Secure SDLC and DevSecOps.
    • 1 year experience in testing or implementing web, API, containerisation, or mobile application security best practices (such as OWASP, NIST).
    • Experience in working with CI/CD tools is desired.

    Method of Application

    Interested and qualified? Go to KCB Bank Kenya on to apply

    Build your CV for free. Download in different templates.

  • Send your application

    View All Vacancies at KCB Bank Kenya Back To Home

Subscribe to Job Alert


Join our happy subscribers

Send your application through

GmailGmail YahoomailYahoomail