KCB Group
Software & Data
Nairobi Full Time
Banking, Finance & Insurance
KSh Confidential
Job Summary
The Vulnerability Management Specialist is responsible for maintaining a vulnerability management framework for KCB Group, recommending appropriate controls, and maintaining a risk register.
Minimum Qualification:Bachelor
Experience Level:Mid level
Experience Length:5 years
Job Description/Requirements
The Position:
The Vulnerability Management Specialist is responsible for maintaining a vulnerability management framework for KCB Group, recommending appropriate controls, and maintaining a risk register. The role will also be responsible for the delivery and management of effective vulnerability management tools and solutions for the Group that meet both market and industry expectations in accordance with the Group’s business objectives, regulatory requirements, and strategic goals.
Key Responsibilities:
Design, implement and support Vulnerability Assessment and Penetration Testing (VAPT) tools / solutions and a framework identified as necessary for the protection of KCB Group information assets.
Perform VAPTs on the Group’s infrastructure and systems to provide assurance that they are secure from external and internal intrusion attempts.
Enact ‘Red Team’ scenarios to highlight gaps impacting the organization’s security posture.
Serve as a Subject Matter Expert (SME) in designing VAPT exercises executed internally or by contracted vendors.
Manage the VAPT lifecycle engagements with external penetration testing vendors.
Maintain a Vulnerability Scoring System that captures the qualitative representation of the assessment reports to help KCB Group properly assess and prioritize its vulnerability management processes.
Provide technical support to the various System Administrators and owners in analyzing, understanding, and remediating the various findings are reported by the Group Cybersecurity testing teams.
Conduct ongoing research and analysis in vulnerability management targeting key initiatives to provide actionable advisory.
Assess the sufficiency of policies, standards, and procedures relative to VAPT best. practices. Co-author standards and procedures designed to continually improve security posture.
Provide input into technology security risk control self-assessments by leveraging specialized knowledge in vulnerability management.
The Person:
For the above position, the successful applicant should have the following:
University degree from a recognized institution preferably in Information Technology/Computer Science/ Cyber Security/ Engineering (Electrical & Electronics) or related field.
A professional cyber security certification in either of the following: CISA/ CISM/ CISSP/ Security+/CEH
5 years Technology experience with at least 2 years’ experience in cyber security and 1 year experience in Vulnerability Management / Security Testing / Penetration Testing.
The above position is demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.
To be considered your application must be received by Monday, 14th October 2022.
Qualified candidates with disability are encouraged to apply.