Vulnerability Management Specialist

Vulnerability Management Specialist
Company:

Kcb Group


Vulnerability Management Specialist

Details of the offer

The Vulnerability Management Specialist will be responsible for assessing the security posture of existing and new technology systems, platforms and processes, to protect and continually improve the confidentiality, integrity & availability of information systems, in accordance with KCB Group’s business objectives, regulatory requirements, and strategic goals. In addition, he/she is responsible for maintaining a vulnerability management framework for the Group by conducting Vulnerability Assessment & Penetration Testing (VAPT) exercises, recommending appropriate controls, managing VAPT solutions and maintaining a risk register.
The Person:
A Bachelor's degree in IT/ Computer Science/ Telecommunications/ Engineering (Electrical or Electronic) or related field from a recognized university.

Must possess at least one professional certification such as CEH (Certified Ethical Hacker), LPT (Licensed Penetration Tester Master), OSCP (Offensive Security Certified Professional), CompTIA PenTest+, CMWAPT (Certified Mobile & Web Application Penetration Tester).

A minimum of 5 years’ supervisory experience in Information Technology; with at least:

3 years’ experience in Information Security.

2 years’ experience in Vulnerability Assessments/ Penetration Testing.

Good knowledge of Banking/ Financial Services Operations

Excellent planning and organizing skills

Excellent problem analysis and attention to detail.
Responsibilities

Design, implement and support VAPT solutions and a framework identified as necessary for the protection of KCB Group information assets.
Serve as the system owner for and administer common VAPT toolsets, platforms, and processes, as well as serve as a Subject Matter Expert (SME) for the VAPT role for all VAPT exercises executed internally or by contracted vendors.

Perform vulnerability assessment and penetration testing on the Bank’s infrastructure and systems to ensure that they are secure from external or internal intrusion attempts thus reducing the risk of successful intrusions against KCB group.

Provide technical VAPT related support to projects from inception through to successful implementation in a bid to ensure compliance to technical security policies and standards.

Perform authorized attack surface reviews and penetration tests against specific targets at the direction of the Senior Manager, Security Monitoring & Response.

Provide assessment reports that are easily understandable by the target audience and include practical and reasonable recommendations based upon sound risk management principles.

Maintain a Vulnerability Scoring System that captures the qualitative representation of the assessment reports to help KCB Group properly assess and prioritize its vulnerability management process.

Assess the sufficiency of policies, standards and procedures relative to VAPT best practices. Author standards and procedures designed to continually improve security posture.

Perform continuous vulnerability monitoring in the KCB group environment and report compliance failures to management for immediate remediation.

Define, create, and deliver status reports and relevant metrics to Senior Management.

Provide input into technology security risk control self-assessments by leveraging specialized knowledge in VAPT.
Job Requirements
Required education
: Bachelor's degree

Required relevant work experience
: 5 years

Required languages:
English (Spoken: fluent | Written: fluent)
Want to see how you rank against other applicants?
Get detailed analysis on Fuzu Instant Feedback
YouVS
Sign up to learn more


Source: Fuzu


Area:

Requirements

Data intern

Position: Data Support Intern Responsibilities: Work with the project deployment team to identify points of project data changes Develop data dictionary for...


Central

Published a month ago

Sales analyst

Sales/Marketing Jobs in Kenya This role would act as a Liaison between Savannah Brands and their Distributors, monitoring all ongoings at the Distributor and...


Nairobi Area

Published a month ago

Facility demand lead, africa clean energy at coffey

Delivering technical excellence and innovative solutions to manage complex risk in challenging environments sets us apart from our competitors. Our diverse...


From Coffey - Nairobi Area

Published a month ago

Communications and media support consultancy at pact kenya

A nonprofit international development organization founded in 1971, Pact works on the ground in more than 30 countries to improve the lives of those who are...


From Pact Kenya - Nairobi Area

Published a month ago