Current Openings at KCB Bank Kenya

KEY RESPONSIBILITIES: 

• Conduct regular penetration tests and vulnerability assessments on networks, web applications, and other critical infrastructure.
• Develop, implement, and manage penetration testing schedules to identify, classify, report, and prioritize remediation of security vulnerabilities across the Group resulting in timely and effective security assessments.
• Use a variety of tools and techniques to simulate attacks on systems and uncover vulnerabilities.
• Develop and deliver reports on the status and effectiveness of the security testing program to internal leadership and all relevant stakeholders.
• Perform in-depth analysis of penetration testing results and create reports that describe findings, exploitation procedures, risks, and recommendations.
• Provide technical VAPT related support to projects in a bid to ensure compliance to technical security policies and standards. Execute penetration testing projects using the established methodology, tools, and rules of engagements.
• Develop, research, and maintain proficiency in tools, techniques, countermeasures, and trends in computer and network vulnerabilities, data hiding, and encryption.

Academic & Professional

• Particulars Detail    Specific Field or Qualification Need Type[1]
• Education  Bachelor’s Degree B.Sc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field    RQ

Professional Qualifications    

• Cybersecurity certification in either CISA/ CISM/ CISSP/ Security+ /
• Cybersecurity certification in either CEH/CPT/CRT/GPEN/OSCP/ OSWA/OSWE/ LPT/ PenTest+/ ECSA/ CHFI/ or a relevant equivalent certification/Certified Red Team Expert (CRTE)/Certified Red Team Operator (CRTO)/ Bug Bounty Researcher (ICBBR)/ Certified Information Systems Security Tester (CISST)/PECB ISO/IEC 27001 Lead Auditor/
• AT least one RQ or equivalent
• Penetration Testing / Cybersecurity Assurance Certification   /Cisco Cyberops Associate & Professional or any relevant equivalent certification    AA
• Master’s Degree    MBA / MSc     AA

Experience

• Total Minimum No of Years of Experience Required- 4yrs
• Experience in Cybersecurity- 3yrs
• Experience in Penetration Testing and Ethical hacking- 3 ys
• Cross-Functional Collaboration with other teams and departments to enable effective defence-in-depth controls through Red Team, Purple Team and Blue Team exercises. 
• Emulate advanced threat actors by planning, executing, and analysing complex attack scenarios. Help develop and refine tactics, techniques, and procedures (TTPs) used by adversaries.

go to method of application »

KEY RESPONSIBILITIES:

• Lead requirements analysis, validation, and verification, ensuring that requirement statements are complete, consistent, concise, comprehensible, traceable, feasible, unambiguous, and verifiable.
• Elicit requirements using interviews, document analysis, surveys, site visits, business process descriptions, use cases, scenarios, business analysis, competitive product analysis, task, and workflow analysis, and/or requirements workshops.
• Business requirements documentation.
• Create and Review Technical Architecture Documents for system changes and new systems and solutions.
• Facilitate requirements prioritization based on business value.
• Manage changes to requirements through effective use of change control processes and tools.
• Participate and guide on the non-functional tests planning and execution i.e., performance / load tests, security tests and high availability and fail over testing
• Track entire life cycle for each IT change request from logging to fulfilment and closure i.e., requirements definition, CAB approval, solution design, solution build, resource allocation, testing, deployment and post deployment review and any remedial actions thereof.
• Assist in ensuring governance of the IT Change Management Policies and procedures through continuous reporting, training, and education

The Person

For the above position, the successful applicant should have the following: 

• A Bachelor’s degree in IT or related.
• Professional certification in either Project Management (PRINCE2 or PMP), Service Management (ITIL) Business Analysis (CBAP, CPP) or Agile Practice (SAFe, SCRUM). 
• Master’s degree in IT Related, Business Administration, Project Management is an added advantage. 
• At least 3 years’ work experience in IT systems. 
• At least 2 years relevant work experience with specific experience in:
• IT projects
• Banking Operations 
• Change management 
• Emerging Technologies(channels)(e.g, mobile, internet Banking.