Latest Vacancies at KCB Bank Kenya

The Network Security Specialist is responsible for maintaining the integrity and confidentiality of the organization’s data in motion and information systems, through preventing, detecting and resolving security threats to KCB Group computer networks.  The holder is also responsible for the deployment, testing and maintenance of network security systems.

Key Responsibilities:

• Security administration, optimization and support of the Bank’s web security gateways/proxies, perimeter firewalls, network intrusion detection/prevention systems, and network admission control in compliance with the Bank’s policies and standards.
• Collaborate in the continuous monitoring and defence of the Bank’s networks for cybersecurity threat indicators, identify compromised endpoints, fine tune intrusion detection/prevention signatures and mechanisms; report on violations and security measures taken to address threats.
• Appropriately and practically defend the Bank’s network perimeter, remote access, local and wide area network (LAN/WAN), and wireless networks (WLAN), in accordance with established policies, procedures, guidelines and practices.
• Develop Network Security Policies and Minimum Configuration Baseline Standards in line with industry best practices and technologies commensurate with risk and regulatory requirements and implementing the same cost effectively.
• Define, create, and deliver compliance reports and relevant metrics to the Senior Manager, Security Protection and Defence.
• Provide technical network security related support to projects from inception through to successful implementation in a bid to ensure that network security is inbuilt into the infrastructure.
• Coordinate effective and secure lifecycle management of encryption keys and certificates for the Bank.
• Continuous audit of network security configuration of all network systems, including but not limited to Firewalls, Identity Services Engine, WLAN, LAN equipment so as to provide optimum security, performance and availability.
• Provide input into technology security risk control self-assessments by leveraging specialized knowledge in identity/privileged access management.
• Research on and provide technical network security expertise to the Senior Manager, Security Protection and Defence and the Head, Technology Security.

The Person:

• A Bachelor's degree in Information Technology or related field from a recognized university.
• Must possess at least one professional certification such as CCNA, CCNA Security or CCSA. CISA, CISM, Security+, CISSP will be added advantage.
• A minimum of 5 years’ supervisory experience in Information Technology; with at least:
  • 3 years’ experience in Information Security.
  • 2 years’ experience in Network Security (Firewall, NAC etc) Administration.
• Experience in Project Implementation & User Training.
• Good knowledge of Banking Operations.
• Excellent planning and organizing skills
• Excellent problem analysis and attention to detail.

To be considered your application must be received by Tuesday, 26th May, 2020

Only short listed candidates will be contacted.

NB: In the event that you are successful, we will require that you provide us with the following documents:

• National I.D.
• KRA Pin Card
• Birth Certificate of self
• Passport Photo (White Background)
• NSSF Card
• NHIF Card
• Certificate of Good Conduct (less than 5 Months old)
• Academic and Professional certificates, including official transcripts

go to method of application »

The Vulnerability Management Specialist will be responsible for assessing the security posture of existing and new technology systems, platforms and processes, to protect and continually improve the confidentiality, integrity & availability of information systems, in accordance with KCB Group’s business objectives, regulatory requirements, and strategic goals. In addition, he/she is responsible for maintaining a vulnerability management framework for the Group by conducting Vulnerability Assessment & Penetration Testing (VAPT) exercises, recommending appropriate controls, managing VAPT solutions and maintaining a risk register.

Key Responsibilities:

• Design, implement and support VAPT solutions and a framework identified as necessary for the protection of KCB Group information assets.
• Serve as the system owner for and administer common VAPT toolsets, platforms, and processes, as well as serve as a Subject Matter Expert (SME) for the VAPT role for all VAPT exercises executed internally or by contracted vendors.
• Perform vulnerability assessment and penetration testing on the Bank’s infrastructure and systems to ensure that they are secure from external or internal intrusion attempts thus reducing the risk of successful intrusions against KCB group.
• Provide technical VAPT related support to projects from inception through to successful implementation in a bid to ensure compliance to technical security policies and standards.
• Perform authorized attack surface reviews and penetration tests against specific targets at the direction of the Senior Manager, Security Monitoring & Response.
• Provide assessment reports that are easily understandable by the target audience and include practical and reasonable recommendations based upon sound risk management principles.
• Maintain a Vulnerability Scoring System that captures the qualitative representation of the assessment reports to help KCB Group properly assess and prioritize its vulnerability management process.
• Assess the sufficiency of policies, standards and procedures relative to VAPT best practices. Author standards and procedures designed to continually improve security posture.
• Perform continuous vulnerability monitoring in the KCB group environment and report compliance failures to management for immediate remediation.
• Define, create, and deliver status reports and relevant metrics to Senior Management.
• Provide input into technology security risk control self-assessments by leveraging specialized knowledge in VAPT.

The Person:

• A Bachelor's degree in IT/ Computer Science/ Telecommunications/ Engineering (Electrical or Electronic) or related field from a recognized university.
• Must possess at least one professional certification such as CEH (Certified Ethical Hacker), LPT (Licensed Penetration Tester Master), OSCP (Offensive Security Certified Professional), CompTIA PenTest+, CMWAPT (Certified Mobile & Web Application Penetration Tester).
• A minimum of 5 years’ supervisory experience in Information Technology; with at least:
  • 3 years’ experience in Information Security.
  • 2 years’ experience in Vulnerability Assessments/ Penetration Testing.
• Good knowledge of Banking/ Financial Services Operations
• Excellent planning and organizing skills
• Excellent problem analysis and attention to detail.

To be considered your application must be received by Tuesday, 26th May, 2020.

Only short listed candidates will be contacted.

NB: In the event that you are successful, we will require that you provide us with the following documents:

• National I.D.
• KRA Pin Card
• Birth Certificate of self
• Passport Photo (White Background)
• NSSF Card
• NHIF Card
• Certificate of Good Conduct (less than 5 Months old)
• Academic and Professional certificates, including official transcripts

go to method of application »

The Identity and Access Management (IAM) specialist acts as the Subject Matter Expert in identity and privileged access management for KCB Group, and helps to design, implement, test and maintain identity/privileged access management solutions for the Bank. The individual is responsible for the continued development of IAM standards, practices, toolsets and roadmap. The IAM security specialist would be the advocate for segregation of duties, principles of least privilege, role based access control and just-in-time access control across the group.

Key Responsibilities:

• Implement and support the Bank’s identity and access management solution and processes in line with the Bank’s identity lifecycle management policies.
• Design, implement, and support the Bank’s privileged access management solution and processes in line with the Bank’s privileged access management policies and ensure the principle of least privilege.
• Serve as the custodian for user access matrices of all mission critical systems and roles, automation platforms, and processes; as well as serve as a Subject Matter Expert (SME) for identity/privileged access management.
• Provide technical support in the design and implementation of identity/privileged access management in projects from inception through to successful implementation in a bid to ensure compliance to set identity/privileged access management standards.
• Assess the sufficiency of policies, standards and procedures relative to identity and privileged access management best practices.
• Perform and coordinate periodic user recertification exercises across the KCB Group landscape, report compliance failures to management and follow up for immediate remediation.
• Perform periodic privileged access audits across KCB group’s systems identifying excessive permissions granted and follow up for immediate remediation.
• Define, create, and deliver compliance reports and relevant metrics to the Senior Manager, Security Protection and Defence.
• Provide input into technology security risk control self-assessments by leveraging specialized knowledge in identity/privileged access management.
• Conduct research and development on new areas in identity/privileged access management and perform knowledge sharing with Technology Security team across the group.

The Person:

• A Bachelor's degree in Information Technology or related field from a recognized university.
• Must possess professional certification in CISA. CISM, Security+, CISSP, CCSP will be added advantage.
• A minimum of 5 years’ supervisory experience in Information Technology; with at least:
  • 3 years’ experience in Information Security.
  • 2 years’ experience in Identity and Access Management.
• Experience in Project Implementation & User Training.
• Good knowledge of Banking Operations.
• Excellent planning and organizing skills
• Excellent problem analysis and attention to detail.

To be considered your application must be received by Tuesday, 26th May, 2020

Only short listed candidates will be contacted.

NB: In the event that you are successful, we will require that you provide us with the following documents:

• National I.D.
• KRA Pin Card
• Birth Certificate of self
• Passport Photo (White Background)
• NSSF Card
• NHIF Card
• Certificate of Good Conduct (less than 5 Months old)
• Academic and Professional certificates, including official transcripts