Cybersecurity Specialist, Security Awareness at KCB Bank Kenya

The Position:

The Cybersecurity Specialist, Security Awareness is responsible for the development and implementation of KCB’s security awareness programs, educating all personnel and third parties of security threats they face in their jobs, and how to defend against them.  The Cybersecurity Specialist, Security Awareness will also be responsible for implementing KCB's phishing program. This position develops and executes targeted security awareness campaigns and measures their effectiveness. The objective of this position is to ensure that the security awareness program is effectively changing behaviours, ensuring KCB staff act in a secure manner.

Key Responsibilities:

• Administer, optimize, and support the Bank’s awareness and phishing simulation solutions, in compliance with the Bank’s policies and standards.
• Collaborate with the Cybersecurity Intelligence and Security Operations Centre (CiSOC) in the continuous monitoring and defence of the Bank’s human aspects of social engineering for cybersecurity threat indicators and assist to detect, report, and respond to related incidents.
• Monitor and identify the top human aspects of social engineering risks to our organization and the behaviours we need to change to mitigate those risks.
• Develop, manage, implement, and deliver the security awareness program in liaison with Learning and Development, which focuses on changing behaviours for the organization.
• Lead the creation and procurement of security awareness deliverables such as the Cybersecurity awareness learning content and Phishing simulation solutions.
• Establish a security awareness network with key stakeholders throughout the organization to understand risks and business objectives while also enhancing the program through the established networks.
• Scoping of security awareness campaigns to meet targeted goals.
• Measurement and reporting of campaign attendance and effectiveness, and completion of assigned security awareness training.
• Provide input into Cybersecurity risk and control self-assessments.
• Drive implementation and review of Bank’s Security Awareness standards and security controls.

The Person:

For the above position, the successful applicant should have the following:

• University degree from a recognized institution preferably in Information Technology/Computer Science/ Cyber Security/ Engineering (Electrical & Electronics) or related field.
• A professional cyber security certification in either of the following: CISA/ CISM/ CISSP/CRISC
• 5 years Technology experience with at least 3 years’ experience in a large business technology environment, with 2 years’ experience in cyber security and 1 year experience developing and delivering security awareness programs.