The Position
Reporting to the Senior Manager, IT Security, the Security specialist will be responsible for safeguarding information system assets by identifying and solving potential and actual information systems security threats thought the KCB network.
Key Responsibilities
· Perform vulnerability assessment and penetration testing on the banks infrastructure and applications to ensure that they are secure from external or internal hacking attempts.
· Research on and provide technical security expertise on continuous persistent threats affecting the bank to the Head and Senior Manager, IT Risk and Security.
· Develop and implement IT Security Policies, procedure, standards and guidelines based on best practice benchmarking COBIT, ISO/IEC 270001, NIST, ITIL and other relevant standards
· Provide technical security related solutions to projects from inception through to successful implementation to ensure that security is inbuilt into the applications as opposed to the more expensive process of adding security features post a breach or on a system that is already in production.
· Recognizes and provides solutions for IT security related problems by identifying abnormalities and reporting violations
· Implementing and provide long term security improvements by assessing current situation; evaluating trends and anticipating requirements
· Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs, customer privacy and comply with relevant regulations
· Appropriately review System Security Configurations for effectiveness and recommend appropriate settings
· Continuously update the IT security monitoring and assessment as required. Stays current on malware trends, especially in the financial industry and adjusts the assessment accordingly to reflect the latest trends. Continually reviews latest hacking techniques and adjusts the assessment accordingly to reflect the latest trends.
· Communicate to KCB Users on matters concerning IT Security, train and promote security awareness among users to reduce incidents and make users part of banks security solution
The Person
For the above position, the successful applicants should have: -
· Bachelor’s degree in IT or related field from a university recognized by Commission for University Education.
· A post graduate qualification in a related field will be an added advantage
· Certification on any of CISM,CISSP, CCNA , CISA ,CASP, GIAC
· A minimum of 4 years’ experience in Information Technology with hands on experience in the following areas:
o Active Directory management, IT Security on operating systems and databases (Oracle, SQL, Unix)
o Experience in Threat and Vulnerability testing.
o Database and Web Application Security
· Working knowledge on network security and relevant network devices
· Demonstrate in-depth understanding of broad range of MS Windows servers and desktops operating systems.
· Wide knowledge of web application security.
· Exceptional planning and organizing skills.
· Demonstrate an In-Depth Analysis of Vulnerability assessment and management
· Excellent problem analysis and attention to detail
· Good knowledge of various Banking operations
· Superb customer service and willingness to travel
· Knowledge of web programming languages (ASP, .NET, JavaScript, etc.) is an added advantage
· Excellent communication and interpersonal skills
· Planning, organizing, and problem solving skills
· Ability to work effectively under pressure and tight deadlines
· Initiative, self-drive and open minded
· Attention to detail
· Team Player
The above position is demanding for which the bank will provide a competitive package for the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please submit your application with a detailed CV stating your current position, remuneration level, e-mail and telephone contacts quoting the job title/reference in the subject field to; recruitment@kcb.co.ke
To be considered your application must be received by June 26, 2015.
Only short listed candidates will be contacted.
JOB REF: IT 09/2015