Cybersecurity Analyst, DevSecOps job at KCB Bank
Website :
845 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
Cybersecurity Analyst, DevSecOps

[ Type: FULL TIME , Industry: Banking , Category: Computer & IT ]

Jobs at:

KCB Bank

Deadline of this Job:
12 August 2022  

Duty Station:
Within Kenya , Nairobi , East Africa

Summary
Date Posted: Monday, August 01, 2022 , Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about KCB Bank
KCB Bank jobs in Kenya

JOB DETAILS:
Cybersecurity Analyst, DevSecOps

The Position:
The Cybersecurity Analyst, DevSecOps is responsible for undertaking security assurance of applications and developments before release to production, conduct periodic security reviews, and will be a contact person in Information Security for assigned agile scrum teams. The analyst ensures that security requirements are well captured and embedded in the secure SDLC for all system developments and deployments, secure coding practices are adhered to, and secure software and application configurations are maintained in the system’s lifetime.

Key Responsibilities:
• Represent Group Information Security in assigned implementation projects and scrum teams to ensure all applications and changes meet set information security requirements before introduction to production environments.
• Contribute to the definition, documentation, and implementation of software security policies, secure coding practices and guidelines for the bank in line with industry best practices and technologies commensurate with risk and regulatory requirements.
• Consistently provide security requirements to developers and third parties to adhere to and comprehensively implement the Bank’s software security assurance framework by carrying out security and risk assessments of application and software changes.
• Collaborate with Enterprise Architecture and Business Application Development teams to identify application/software security improvements and plug-in identified security controls in DevSecOps tools.
• Contribute to formulation and conducting of regular trainings on secure coding, software security and application security practices for the development and other KCB technology teams at regular intervals.
• Contribute to the identification, integration, and maintenance of application security tools, such as SAST (Static Application Security Testing) and DAST tools (Static/Dynamic Application Security Testing), standards, and processes into the software development or product life cycle (SDLC / PLC), and CI/CD pipelines.
• Perform security and risk assessments for business solutions to identify inherent security risks and provide recommendations for addressing such risks.
• Create, and deliver software/application security compliance and testing reports and relevant metrics to the Bank’s Senior Management.
• Collaborate in the continuous monitoring and defence of the Bank’s critical applications, such as core banking, and digital channels, for cybersecurity threat indicators; report on violations and security measures taken to address threats.
• Protect the bank’s applications and systems by defining and reviewing access privileges and other security control structures.

The Person:
For the above position, the successful applicant should have the following:
• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, Engineering (Electrical/ Electronic) or related field.
• Professional qualifications in any one of the following:
• Information Security certification in CISA/ CISSP/Security+.
• Information Security Testing and DevSecOps certification in either CDP (Certified DevSecOps Professional)/ CSSLP (Certified Secure Software Lifecycle Professional)/CEH, OSCP/ CPT/ GPEN/ GWAPT.
• 3 years Technology experience with at least 1 year experience in:
• Information Security.
• Secure SDLC and DevSecOps.
• Testing or implementing web, API, containerisation, or mobile application security best practices (such as OWASP, NIST).
• Experience in working with CI/CD tools, financial and capital markets desired.
• Strong interpersonal and communication skills.

Work Hours: 8


Experience in Months: 36

Job application procedure
Use the link(s) below to apply on company website.
Cybersecurity Analyst, DevSecOps 


All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: 12 August 2022
Duty Station: Nairobi
Posted: 01-08-2022
No of Jobs: 1
Start Publishing: 01-08-2022
Stop Publishing (Put date of 2030): 01-08-2065
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.