Vulnerability Management Specialist, Cybersecurity at KCB Bank Kenya

KEY RESPONSIBILITIES:


Design, implement, and maintain a comprehensive vulnerability management framework covering on-prem, cloud, and containerized environments as necessary for the protection of KCB Group information assets
Administer and optimize vulnerability management tools, including those for external attack surface monitoring and cloud security posture management.
Serve as SME for vulnerability assessments across traditional infrastructure, cloud platforms and container ecosystems
Manage vulnerability lifecycle, including prioritization, remediation tracking, and reporting for internal and external assets
Integrate vulnerability management processes with SIEM/SOAR and other Security platforms for automated alerting and response
Conduct research on emerging threats, zero-day vulnerabilities, and security best practices
Provide technical guidance to system owners on secure configurations and remediation strategies.
Ensure compliance with regulatory requirements and industry standards pertaining to Vulnerability Management
Develop and maintain vulnerability scoring and risk prioritization models for enterprise-wide reporting.
Act as Vulnerability Management SME in projects, providing advisory and validation of security controls throughout the lifecycle as needed


MINIMUM POSITION QUALIFICATION REQUIREMENTS

Academic & Professional


Education Bachelor's Degree B.Sc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field RQ
Professional Qualifications Cybersecurity certification in either CISA/ CISM/ CISSP/ Security+/CEH AT least one or an equivalent RQ
Penetration Testing / Cybersecurity Assurance Certification in either OSCP/ CPT/ LPT/ PenTest+/ ECSA/ CHFI/CCNA CyberOps any Cloud Security (AWS/Azure/GCP) certificates / Container Security (Kubernetes/Docker) AA
Master's Degree MBA / MSc AA


Experience

Total Minimum No of Years of Experience 5 years

Required in a Supervisory role

Detail Minimum No of Years Need Type[1]


Experience in Cybersecurity 2 ES
Experience in Vulnerability Management 1 RQ
Security Testing / Penetration Testing 1 AA
Experience in System/ Network/ Database or Cloud Platform Administration 2 ES