Vulnerability Management Specialist

Vulnerability Management Specialist


Vulnerability Management Specialist

Details of the offer

Job Summary
The Vulnerability Management Specialist will be responsible for assessing the security posture of existing and new technology systems, platforms and processes, to protect and continually improve the confidentiality, integrity & availability of information systems, in accordance with KCB Group’s business objectives, regulatory requirements, and strategic goals. In addition, he/she is responsible for maintaining a vulnerability management framework for the Group by conducting Vulnerability Assessment & Penetration Testing (VAPT) exercises, recommending appropriate controls, managing VAPT solutions and maintaining a risk register.

The Person:

A Bachelor's degree in IT/ Computer Science/ Telecommunications/ Engineering (Electrical or Electronic) or related field from a recognized university.

Must possess at least one professional certification such as CEH (Certified Ethical Hacker), LPT (Licensed Penetration Tester Master), OSCP (Offensive Security Certified Professional), CompTIA PenTest+, CMWAPT (Certified Mobile & Web Application Penetration Tester).

A minimum of 5 years’ supervisory experience in Information Technology; with at least:

3 years’ experience in Information Security.

2 years’ experience in Vulnerability Assessments/ Penetration Testing.

Good knowledge of Banking/ Financial Services Operations

Excellent planning and organizing skills

Excellent problem analysis and attention to detail.


Design, implement and support VAPT solutions and a framework identified as necessary for the protection of KCB Group information assets.

Serve as the system owner for and administer common VAPT toolsets, platforms, and processes, as well as serve as a Subject Matter Expert (SME) for the VAPT role for all VAPT exercises executed internally or by contracted vendors.

Perform vulnerability assessment and penetration testing on the Bank’s infrastructure and systems to ensure that they are secure from external or internal intrusion attempts thus reducing the risk of successful intrusions against KCB group.

Provide technical VAPT related support to projects from inception through to successful implementation in a bid to ensure compliance to technical security policies and standards.

Perform authorized attack surface reviews and penetration tests against specific targets at the direction of the Senior Manager, Security Monitoring & Response.

Provide assessment reports that are easily understandable by the target audience and include practical and reasonable recommendations based upon sound risk management principles.

Maintain a Vulnerability Scoring System that captures the qualitative representation of the assessment reports to help KCB Group properly assess and prioritize its vulnerability management process.

Assess the sufficiency of policies, standards and procedures relative to VAPT best practices. Author standards and procedures designed to continually improve security posture.

Perform continuous vulnerability monitoring in the KCB group environment and report compliance failures to management for immediate remediation.

Define, create, and deliver status reports and relevant metrics to Senior Management.

Provide input into technology security risk control self-assessments by leveraging specialized knowledge in VAPT.

Job Requirements

Required education
: Bachelor's degree

Required relevant work experience
: 5 years

Required languages:
English (Spoken: fluent | Written: fluent)

Source: Learn4Good



Virtual career accelerator

Position: 6-Month Full-Time Virtual Career Accelerator (Including Job Placement) Job Summary Join the Yusudi “Career Accelerator Programme”, a 6-Months...

Nairobi Area

Published a month ago

Integration engineer – udm at ericsson

We are now looking for an Integration Engineer to analyze, prepare, implement and verify the configuration and integration of a node, network and/or system...

From Ericsson - Nairobi Area

Published a month ago

County coordinator at chemonics international

At Chemonics, we believe our mission of helping people live healthier, more productive, and more independent lives is driven by our commitment to service...

From Chemonics International - Nairobi Area

Published a month ago

Packing and loading staff

Job Summary Receive goods, unload from trucks, weigh, pack ready for dispatch by weighing, labeling, and recording dispatches, loading for dispatch Minimum...

From Anderson Human Capital - Nairobi Area

Published a month ago