KEY RESPONSIBILITIES
- Implement, operate, and maintain cyber threat detection tools and capabilities. This includes applying patches and updates to the CISOC toolkit.
- Ensure full security monitoring coverage of the bank’s technological ecosystem – both on premise and in Cloud – by working with system owners to enroll their systems to Security Information and Event Management (SIEM), Database Activity Monitoring (DAM), Network Detection and Response (NDR), and other CISOC platforms
- Perform threat modelling exercises to characterise real-world cyber risk scenarios. Develop and implement use cases to detect these cyber threats.
- Design and execute processes to continuously seek and receive feedback from the frontline Security Monitoring Analysts, Cybersecurity Specialist, Threat Hunting and Intelligence, and other important stakeholders about the efficacy and efficiency of detection logic. Use said input to devise, finetune, amend, test, and iterate use cases. Formulate metrics to track the same.
- Act as the cybersecurity logging and monitoring Subject Matter Expert (SME) in support of the bank’s IT projects. Provide thought leadership by setting forth requirements and ensuring adherence to Minimum Security Baselines (MSBs) on log composition and structure. Work with project teams to validate the same. Onboard systems to SIEM and DAM and craft relevant use cases as key prerequisites to project approval.
- Curate and sustain the CISOC’s library of living, detailed use case documentation
- Ensure that daily and weekly system checks for issues such as log source dormancy and system bottlenecks, and biannual OEM health checks are carried out for the CISOC toolkit (SIEM, DAM, NDR, and any other CISOC tools). Pursue automation of repetitive, manual tasks.
- Conceive and create frameworks, guides, manuals, Minimum Security Baselines (MSBs), and Standard Operating Procedures (SOPs) relating to log source onboarding, use case creation and maintenance, CISOC systems administration, and all other facets of SOC Engineering. Ensure the same are approved, applied, and followed through consistently.
- Evaluate the suitability of the CISOC toolkit. Research and propose new technology acquisitions to improve the CISOC’s overall detection proficiencies
- Participate in the analysis and remediation efforts of cybersecurity incident response and apply the learnings therefrom towards improving the bank’s threat detection competencies.
MINIMUM POSITION QUALIFICATION REQUIREMENTS
Academic & Professional
- Bachelor’s Degree
- BSc. Information Technology, Computer Science, Telecommunications, Electrical and Electronics Engineering, or related RQ
- Professional Qualifications (Minimum 1 of the listed certificates for RQ)
Information security certifications such as:
- Certified SOC Analyst (CSA)
- Certified Incident Handler (E|CIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- At least one RQ
- Several are AA
- Master’s degree
- MSc. Cybersecurity, Information Systems Security, IT Security, IT, or related AA
Experience
- Total Minimum Number of Years of IT Experience Required 5 years
Detail Minimum No of Years Need Type
- Experience in Information Security/Cybersecurity 3 ES
- Experience in Security Operations Centre/security monitoring 2 ES
- Experience in cybersecurity tool administration (DAM, EDR, NDR, SIEM, SOAR, WAF, XDR, etc.) or Content/Detection/Security/SOC Engineering 2 ES
- Experience in the Financial Services Industry 1 DE
- Experience in a complex technological environment 2 DE
go to method of application »
KCB Group is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya – incorporated with effect from January 1, 2016 – and all KCB’s regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. It also owns KCB Insurance Agency, KCB Capital, KCB Foundation, National Bank of Kenya, and all associated companies. The holding company was set up to among other things to enhance the Group’s capacity to access unrestricted capital and also enable investment in new ventures outside banking regulations, achieve operational and strategic autonomy for the Group’s operating entities and enhance corporate governance across the Group and oversight in the management of subsidiaries. Related documentation: Group Name Change, Name Change Certificate, KCB Advise on Non-Operating Holding Company, KCB Group Structure, Kenya Gazette Notice.
go to method of application »
KEY RESPONSIBILITIES:
- Design, implement, and maintain a comprehensive vulnerability management framework covering on-prem, cloud, and containerized environments as necessary for the protection of KCB Group information assets
- Administer and optimize vulnerability management tools, including those for external attack surface monitoring and cloud security posture management.
- Serve as SME for vulnerability assessments across traditional infrastructure, cloud platforms and container ecosystems
- Manage vulnerability lifecycle, including prioritization, remediation tracking, and reporting for internal and external assets
- Integrate vulnerability management processes with SIEM/SOAR and other Security platforms for automated alerting and response
- Conduct research on emerging threats, zero-day vulnerabilities, and security best practices
- Provide technical guidance to system owners on secure configurations and remediation strategies.
- Ensure compliance with regulatory requirements and industry standards pertaining to Vulnerability Management
- Develop and maintain vulnerability scoring and risk prioritization models for enterprise-wide reporting.
- Act as Vulnerability Management SME in projects, providing advisory and validation of security controls throughout the lifecycle as needed
MINIMUM POSITION QUALIFICATION REQUIREMENTS
Academic & Professional
- Education Bachelor’s Degree B.Sc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field RQ
- Professional Qualifications Cybersecurity certification in either CISA/ CISM/ CISSP/ Security+/CEH AT least one or an equivalent RQ
- Penetration Testing / Cybersecurity Assurance Certification in either OSCP/ CPT/ LPT/ PenTest+/ ECSA/ CHFI/CCNA CyberOps any Cloud Security (AWS/Azure/GCP) certificates / Container Security (Kubernetes/Docker) AA
- Master’s Degree MBA / MSc AA
Experience
Total Minimum No of Years of Experience 5 years
Required in a Supervisory role
Detail Minimum No of Years Need Type[1]
- Experience in Cybersecurity 2 ES
- Experience in Vulnerability Management 1 RQ
- Security Testing / Penetration Testing 1 AA
- Experience in System/ Network/ Database or Cloud Platform Administration 2 ES
go to method of application »
KCB Group is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya – incorporated with effect from January 1, 2016 – and all KCB’s regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. It also owns KCB Insurance Agency, KCB Capital, KCB Foundation, National Bank of Kenya, and all associated companies. The holding company was set up to among other things to enhance the Group’s capacity to access unrestricted capital and also enable investment in new ventures outside banking regulations, achieve operational and strategic autonomy for the Group’s operating entities and enhance corporate governance across the Group and oversight in the management of subsidiaries. Related documentation: Group Name Change, Name Change Certificate, KCB Advise on Non-Operating Holding Company, KCB Group Structure, Kenya Gazette Notice.
go to method of application »
JOB PURPOSE
The job holder is responsible for executing and driving the bank’s end-to-end digital merchant and partner ecosystem, including hands-on oversight of the mini-apps program. The role actively manages day-to-day relationships with mini-app partners and key merchants, coordinates the development and continuous enhancement of mini-apps and merchant solutions, and ensures smooth technical integration across the bank’s digital channels to deliver a seamless digital experience for merchants and partners.
The role manages the full merchant and partner lifecycle from acquisition and onboarding to growth and retention, ensuring frictionless payments, simplified transactions, rapid issue resolution, and optimized user journeys. The job holder is also responsible for implementing initiatives that increase platform adoption, engagement, and digital revenue. He/She will deliver new digital experiences and revenue opportunities by executing customer value propositions, targeted growth activities, and high-impact merchant and partner programs.
Success is measured by the strength of partner relationships, mini-app and merchant performance, increased platform usage, optimized digital experiences, and sustained growth in transactions and digital revenue.
KEY RESPONSIBILITIES:
Manage the Merchant & Mini-App Ecosystem
- Manage day-to-day operation of the bank’s digital merchant and partner ecosystem, including mini-app partners, ensuring smooth operations, partner support, and continuous growth in platform usage and transactions.
Execute Merchant and Partner Acquisition & Onboarding
- Carry out onboarding activities for new merchants and partners, ensuring all requirements, documentation, integrations, and setup steps are completed accurately and efficiently.
Coordinate Mini-App Development & Integration
- Coordinate mini-app development and updates, track delivery progress, manage testing and quality checks, and ensure all integrations meet platform and technical standards.
Deliver Merchant Digital Experience & Product Enhancements
- Work closely with product, UX, and engineering teams to implement new features, enhancements, and fixes that improve merchant and mini-app user journeys.
Manage Merchant & Partner Relationships
- Cultivate and maintain strong relationships with new and existing merchants and partners as well as handle day-to-day communication, issue resolution, and operational coordination to support their ongoing needs and ensure strong working relationships.
Execute Merchant Programs & Growth Activities
- Implement merchant programs, promotions, and value propositions in coordination with cross-functional teams to increase the number of mini-apps, drive mini-app adoption and MAU, engagement, and transaction volume across the merchant and partner ecosystem and contribute towards strategy development.
Monitor Data & Operational Performance
- Track merchant and mini-app metrics, analyze traffic and transaction data, identify trends, issues or opportunities, and recommend operational adjustments to enhance the overall digital merchant and partner experience.
Collaborate with cross-functional teams:
- Work closely with other departments and teams to ensure the platform meets security standards and provides seamless, low friction user journeys.
Monitor Performance & Communicate Results:
- Prepare and deliver regular reports on merchant activity, mini-app performance, customer engagement and partner feedback for management and key stakeholders and derive insights for product enhancements.
Ensure Compliance and Ethical Standards:
- Adhere to relevant regulatory policies, and ethical guidelines in the management of all merchant activities and mini-apps operations and lifestyle programs.
DAILY RESPONSIBILITIES:
- Collaborate with internal teams to define technical and commercial requirements for new merchant, partner, and mini-app features, ensuring solutions are delivered effectively and enhance customer engagement.
- Drive mini-app and merchant feature adoption by using data insights, user feedback, and continuous experimentation to implement improvements and resolve performance gaps.
- Act as the internal advocate for the merchant journey, ensuring mini-app submissions, onboarding processes, and solution management are intuitive, efficient, and aligned with merchant needs.
- Coordinate with merchants, technical partners, platform teams, and payment providers to support seamless deployment, perform quality checks, and ensure all integrations meet technical and operational standards.
- Monitor daily transactional performance across merchants and partners, quickly identifying issues and working with support and technology teams to resolve platform or merchant-related problems.
FUNCTIONAL COMPENTENCIES / KEY SUCCESS FACTORS FOR THE ROLE
- Customer obsession – possess a deep understanding of customer needs, behavior, and the ability to design personalized experiences that drive engagement and loyalty.
- Analytical and data driven decision making – able to source, manipulate and analyze massive data sets from various sources, digest this data complexity & churn out insights that lead to solutions and an ability communicate that in a clear and concise manner
- Problem solving – above average cognitive ability, able to join dots across diverse data sets and give meaning to complex issues and drive creative solutions
- Tech savvy – understands technology and is a digital native
- Good understanding of customer journey mapping and user experience testing
- Ability to collaborate and work with diverse teams
- Ability to perform under pressure and deliver results against odds
- Communicates effectively – good verbal and written English
- Listens effectively and guides with empathy and care
- Exhibits emotional intelligence essentials
The Person
For the above position, the successful applicant should have the following:
- Bachelor's degree from a recognized university.
- Member of a relevant professional body e.g. CIM / Product Management / Project management is an added advantage.
- Master’s degree in Business Administration (MBA) / Marketing / Any Related Field is an added advantage.
- At least 5 years’ work experience in the same or related role, with at least:
- 5 years’ work experience in developing digital financial platforms e.g.,financial services, banking, payments & investment platforms.
- 4 years’ work experience in merchant/partner management.
- 3 years’ work experience in engagement, retention and churn reduction
- 5 years work experience in driving revenue growth and commercial acumen
- 2 years’ work experience in Go-To-Market strategies
- 3 years work experience in customer service and value management
- 3 years work experience in data analytics and business intelligence is desirable.
- 3 years experience in service design, user experience and customer journeys optimization
- 2 years experience in digital marketing / product management
go to method of application »
Gmail
Yahoomail