Vacancy title:
Manager, Cyber Security Audit
Jobs at:
KCB Bank KenyaDeadline of this Job:
22 December 2022
Summary
Date Posted: Tuesday, December 13, 2022 , Base Salary: Not Disclosed
JOB DETAILS:
The Information System Audit department is a function within the Audit division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.
Reporting to the Senior Manager, Cyber Security Audit, the Manager, Cyber Security Audit will carry out cyber security related audits and advisory assignments across the Group that will give objective and independent assurance that the bank’s Information Systems and ICT infrastructure are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.
Key Responsibilities:
• Conduct cyber risk assessment for assigned cyber security audit and advisory assignments.
• Perform independent threat and vulnerability assessment and penetration test audits of the bank’s ICT systems to assess the effectiveness of the cybersecurity control framework and report on cyber risks noted.
• Conduct walkthroughs, testing of controls, and negotiating potential issues for Technology audits within the cybersecurity and infrastructure portfolio, including scope areas such as identity and access management, asset classification, network security, operating system security, database security, web application security, mobile application security, public cloud (AWS/GCP/Azure) environments, vulnerability management, endpoint protection, etc.
• Documents the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
• Share knowledge, skills, and experience with team members.
• Perform other related duties as assigned.
The Person:
For the above position, the successful applicant should meet the following criteria:
• Bachelor's Degree in Information Technology, Electrical Engineering, Computer Science, Business, or a Related field from a university recognized by Commission for University Education.
• Must Possess CISA/CISM/CISSPor a related Information Systems Audit / Security certification.
• Must Possess LPT/Offensive Security Certified Professional (OSCP)/CCIE Security/CSX Practitioner/ Certified Red Team Expert (CRTE) or a related penetration testing or red team exercise certification.
• Master's degree is an added advantage
• A minimum 5 years' experience in IT Security and/or IT Audit covering 3 years in Cyber Security Reviews and Vulnerability Assessments and 3 years in Red Team Exercises and/or Penetration Testing Experience.
• Must possess proficiency in using penetration testing tools e.g., Kali Linux, Nessus, Nipper, Burp suite, Metasploit framework, Wireshark, Acunetix, Netsparker, Mobsf, Frida, BeEF, Objection etc.
• Must possess proficiency in performing security assessments on operating systems, database management systems, web applications and mobile applications.
• Must possess proficiency in the use of audit management software e.g., TeamMate.
• Must possess excellent audit report writing and presentation skills.
• Must possess excellent customer service skills, strong business analytical skills, superior communication, and inter-personal skills.
• Must possess effective planning, organizing and problem-solving skills.
Work Hours: 8
Experience in Months: 60
Level of Education: Bachelor Degree
Job application procedure
Use the link(s) below to apply on company website.
Manager, Cyber Security Audit
All Jobs
Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.