Cybersecurity Specialist, Threat Hunting and Intelligence at KCB Bank Kenya

KEY RESPONSIBILITIES

• Research, collect, coalesce, and analyse open source and proprietary threat reporting feeds to provide applicable and actionable cyber threat intelligence.
• Continuously identify, analyse, pursue, and evict (“hunt”) advanced cyber threats from the bank’s technological ecosystems, whether on premise or in the Cloud. Detect novel vulnerabilities and work towards mitigating the associated cybersecurity risk before it adversely impacts the bank.
• Provide a forward-looking view of the cyber threat landscape as it relates to the financial sector, predicting shifts in adversarial intent, goals, and strategic objectives.
• Maintain meticulous documentation of cyber threats, threat vectors, threat actors, and threat trends, tactics, techniques and procedures for consumption during threat modelling activities and security incidents. Prepare and publish reports for consumption by various levels, from technical to executive.
• Build and leverage relationships with both internal and external peers from public and private sector organizations.
• Develop, effect, and continuously refine threat hunting and threat intelligence frameworks.
• Collaborate with the wider Cybersecurity Intelligence Security Operations Centre (CISOC), SOC Engineering, and Group Cybersecurity (GCS) technical teams to gain and give insight into threat models and security architectures specific to KCB Bank with a view to advancing effective cybersecurity control schemas.
• Give input to security awareness training and education programs based on the outcomes of threat hunting and threat intelligence exercises.
• Stay up to date with relevant vulnerabilities, threat actors, indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and trends; ascertain actionable areas of interest and threats.
• Deliver timely, relevant, and actionable intelligence and recommendations through threat hunting and threat intelligence reports, briefings, and threat assessments to stakeholders to improve the ability to detect threats in the bank’s environment.

DAILY RESPONSIBILITIES

• Monitor the surface, deep, and dark Web utilizing a diverse toolset to monitor and track threat actors, IOCs, and other cyber security risks; provide actionable intelligence.
• Administer, configure, and continuously improve advanced cyber threat hunting and threat intelligence platforms.
• Continuously conduct threat hunts based on predefined hypotheses.
• Provide periodic threat hunting and threat intelligence updates to the CISOC, GCS management, and executive leadership.
• Furnish expertise to the CISOC in handling and remediating security incidents.

MINIMUM POSITION QUALIFICATION REQUIREMENTS

• A Bachelor's degree in IT/ Computer Science/ Telecommunications/ Engineering (Electrical or Electronic) or related field from a recognized university. 
• Must possess at least 2 security certification from the list: 
  • Certified SOC Analyst (CSA)
  • Certified Ethical Hacker (CEH)
  • Certified Incident Handler (E|CIH)
  • GIAC Certified Intrusion Analyst (GCIA)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Reverse Engineering Malware (GREM)
  • Certified Information Systems Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Security+
• Certified Information Systems Auditor (CISA). 
• A minimum of 5 years’ work experience in Information Technology; with at least;-
• 3 years’ experience in Information/Cyber Security. 
• 2 years' experience in Security Operations Centre/Security Monitoring/Endpoint Detection and Response/Network Detection and Response.
• Experience in Security Tools Administration (SIEM, DAM, WAF, etc.) or Incident Response and Management is desired.
• Experience working in in the financial services industry and in a complex technological environment is desired.