Application Security Specialist job at KCB Bank
Website :
796 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
Application Security Specialist

[ Type: FULL TIME , Industry: Banking , Category: Protective Services ]

Jobs at:

KCB Bank

Deadline of this Job:
28 October 2022  

Duty Station:
Within Kenya , Nairobi , East Africa

Summary
Date Posted: Monday, October 17, 2022 , Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about KCB Bank
KCB Bank jobs in Kenya

JOB DETAILS:
The Position:
• The Application Security Specialist is responsible for undertaking security assurance of applications before release to production, periodic security reviews, and is the contact person in Group Cybersecurity for all system change reviews. The Specialist ensures that security requirements are well captured and embedded in the secure SDLC for all system developments and deployments, secure coding practices are adhered to, and secure software and application configurations are maintained in the system’s lifetime.

Key Responsibilities:
• Define, document, and implement software security policy, secure coding practices and guidelines for the bank in line with industry best practices and technologies commensurate with risk and regulatory requirements.
• Develop, implement, and maintain a software security assurance framework which that shall guide information security team in security and risk assessments of applications, as well as provide security requirements for developers and third parties to adhere to.
• Lead Information Security involvement in all software and application implementation projects and scrum teams to ensure all applications and changes meet set information security requirements before introduction to production environments.
• Collaborate with Enterprise Architecture and Business Application Development teams to identify application/software security improvements and plug-in identified security controls in DevOps tools.
• Perform and coordinate regular trainings on secure coding, software security and application security practices for the development and other KCB technology teams at regular intervals.
• Collaborate in the continuous monitoring and defense of the Bank’s critical applications, such as core banking, and digital channels, for cybersecurity threat indicators; report on violations and security measures taken to address threats.
• Identify, integrate, and maintain security tools, such as SAST and DAST tools (Static/Dynamic Application Security Testing), standards, and processes into the software development or product life cycle (SDLC / PLC), and CI/CD pipelines.
• Participate in performing risk assessments for business solutions for inherent security risks and provide recommendations for addressing such risks.
• Define, create, and deliver software/application security compliance reports and relevant metrics to the Bank’s Senior Management.
• Protects the bank’s applications and systems by defining access privileges and other security control structures.

The Person:
For the above position, the successful applicant should have the following:
• Bachelor’s degree in Information Technology /Computer Science / Telecommunications / Engineering (Electrical, Electronic) from a recognized university.
• A Certification in Information Security in either of the following; CDP: Certified DevSecOps, Professional CSSLP: Certified Secure Software Lifecycle Professional CISM: Certified Information Security Manager CISA: Certified Information Systems Auditor CISSP: Certified Information Systems Security Professional CEH: Certified Ethical Hacker ;OSCP : Offensive Security Certified Professional eWPT: eLearn Web Penetration Tester CRISC: Certified in Risk and Information Systems Controle JPT: eLearn Junior Penetration TesterSecurity+.
• A minimum of 5 years’ experience in Technology with at least 2 years’ experience in Information Security and 1 year experience within Secure SDLC and DevSecOps.

Work Hours: 8


Experience in Months: 60

Level of Education:
Bachelor Degree

Job application procedure
• To be considered your application must be received by Friday, 28th October 2022.
• Interested and qualified? Click here to apply

All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: 28 October 2022
Duty Station: Nairobi
Posted: 17-10-2022
No of Jobs: 1
Start Publishing: 17-10-2022
Stop Publishing (Put date of 2030): 17-10-2065
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.