Latest Jobs at KCB Bank Kenya
Deadline of these Jobs: 02 December 2022
Kenya Commercial Bank Limited is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya - incorporated with effect from January 1, 2016 - and all KCB's regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan.
The Position:
The role holder will be responsible for making new and changed services and features available for use by defining a standardized process for planning, building, and testing the release, scheduling the release, pushing the release, deploying the release, providing early life support and closure of releases.
Key Responsibilities:
- Define the standard process for planning, testing, scheduling, and deploying the releases.
- Own the responsibility of preparing a Release Plan. Coordinates with Change Management team, Build team and other key stakeholders regarding the same.
- Assign and track release activities with various teams.
- Packaging, controlling, and integrating the release components as per the dependencies identified.
- Coordinate the release schedule and resources required both internally and from third parties.
- Coordinate with the Build team to build the release and produce the build document, which will contain.
- Build, installation and test plans, procedures, and scripts.
- Monitoring and quality assurance of the release.
- Processes and procedures for distributing, deploying, and installing the release into the target environment.
- Release unit roll-back procedures.
- Change remediation steps in case of release failure.
- Ensure that all mandatory tests are conducted, and all tests are successful as per the success criteria before a release can be flagged off to production.
- Obtain the approvals for downtime-related information wherever necessary in advance and ensure that communications are send out to all stakeholders as per the release plan.
- Identify the risks that can delay the release and manage them, such that the scope scheduled, and quality of the release is not affected.
- Lead the Go-Live activities to deploy the releases successfully.
The Person:
For the above position, the successful applicant should have the following:
- Bachelor's degree in IT/Engineering.
- Professional qualification in ITIL Foundation and Project Management.
- At least 5 years’ experience in release management in a large environment working multiple systems, with at least 4 years’ experience in application support, and at least 3 years supervisory experience and IT service processes management, and 2 years’ experience in project management.
The Position:
The Cyber Security Specialist, Email Security is responsible for maintaining the integrity and confidentiality of the organization’s data while in use, in motion and in situ, through preventing, detecting, and resolving security threats to KCB Group email and collaboration systems. The holder is also responsible for the deployment, testing and maintenance of security solutions for email and collaboration infrastructure.
Key Responsibilities:
- Administer, optimize, and support the Bank’s email security solutions, perimeter email security and collaboration security solutions in compliance with the Bank’s policies and standards.
- Collaborate with the Cybersecurity Intelligence and Security Operations Centre (CiSOC) in the continuous monitoring and defence of the Bank’s email infrastructure for cybersecurity threat indicators, assist to detect, report, and respond to email security violations/incidents.
- Appropriately and practically defend the Bank’s email and collaboration deployment infrastructure, in accordance with established policies, procedures, guidelines and practices.
- Develop Email Security Policies and Minimum-Security Configuration Baseline Standards in line with industry best practices and technologies commensurate with risk and regulatory requirements and implementing the same cost effectively.
- Define, create, and deliver compliance reports and relevant metrics in Email and Collaboration security to senior management, utilizing automation as deemed fit.
- Provide technical email and collaboration security related support to projects from inception through to successful implementation in a bid to ensure that email security and collaboration security is built in from project inception.
- Drive the adoption and enforcement of email and collaboration security standards (such as DKIM, SPF and DMARC), working collaboratively with other Cyber Security specialists and Technology teams to identify, implement and monitor such security solutions.
- Conduct continuous audit of security configuration of all email and collaboration infrastructure to provide optimum security, performance, and availability.
- Provide input into Cyber Security risk and control self-assessments by leveraging specialized knowledge in email and collaboration security.
- Research on and provide technical email and collaboration security expertise in the Group Cyber Security department.
The Person:
For the above position, the successful applicant should have the following:
- Information Technology / Computer Science / Telecommunications / Engineering (Electrical, Electronic) or related field
- Security certification such as CISA, CCSP, CISSP
- At Least 5 years’ experience in Technology with at least, 2 years’ experience in Cyber Security and System, Network or Database Administration.
- 2 years’ experience in a busy technology environment.
The Position:
The role holder will support the Group to understand their cyber risks by providing timely, accurate and insightful reporting on status and issues. This information will enable the various teams and stakeholders across the group prioritise appropriately and make sure effort and cost is directed to where most needed.
Key Responsibilities:
- Support the definition, development, and review of key metrics to measure and report the state of cybersecurity across the group.
- Collaborate with other Cybersecurity leads to review data and analytics to highlight key areas of concern for prioritisation and attention.
- Design, originate, develop, and maintain dashboards and other data sources for use in reporting and tracking cyber risks and control status.
- Formalize and track metrics from all cybersecurity domains and reporting them to senior management on a periodic basis.
- Develop and maintain a cybersecurity reporting framework to provide an overview of Group Cyber Security value and performance.
- Analyse data to identify trends and provide internal stakeholders with valuable insights they can use to improve cybersecurity operations and practises.
- Facilitate performance reviews against service areas viz-a-viz set Cybersecurity metrics and KPI, providing feedback to the Cybersecurity program with recommended changes.
- Orchestrate the various data analytics/visualization and business productivity tools to generate reports and track KPI’s for the Group’s security metrics.
The Person:
For the above position, the successful applicant should meet the following criteria:
- Information Technology / Computer Science / Telecommunications / Engineering /(Electrical, Electronic) or related field.
- Security certification such as CISA, CISM, CRISC, CISSP, CompTIA Security+
- At Least 5 years’ experience in Technology with at least, 2 years’ experience in Cyber Security and, Reporting and data Analytics.
The Position:
The role holder will support the governance, risk, and compliance roles of the Group Cybersecurity function.
Key Responsibilities:
- Ensure the development, update, implementation, and enforcement of information security governance including policies, baselines, and procedures.
- Ensure the cyber security risk management capabilities including risk methodologies to mitigate cyber security across the group.
- Assess, handle, and follow up on mitigation of 3rd party related cyber risks through all stages.
- Manage cyber audit and risk findings resulting from internal audits, external audits, and assessments.
- Follow up and reporting of IT audit recommendations implementation within Group Cyber Security.
- Act as a key contact point for all assurance functions i.e., risk & audit with regards to cybersecurity topics.
- Recommend appropriate security controls according to internal standards and key industry best practises and ensure that such controls operate as intended.
- Gap analysis with respect to standards, industry regulations and definition of the security posture.
- Ensure management and authoritative reporting of Cyber Risks and cooperate with legal, compliance and other risk owners.
- Engage staff on cybersecurity related audit and risk matters.
The Person:
For the above position, the successful applicant should meet the following criteria:
- Information Technology / Computer Science / Telecommunications / Engineering / (Electrical, Electronic) or related field
- Security certification such as CISA, CISM, CISSP, CRISC.
- Have a minimum of 5 years’ experience in Technology with at least 2 years’ experience in Risk, Audit, or Governance and 1 year experience in Cybersecurity.
The Position:
The Cybersecurity Specialist, Threat Hunting is responsible for analysing, improving, implementing, and executing security controls proactively to prevent external threat actors from infiltrating Bank information or systems. The overarching goal of the position is to seek out, identify, neutralise, evict, and prevent the re-entry of resident threat actors in the Bank’s networks, information systems, and technological ecosystems.
Key Responsibilities:
- Identify advanced threats, track the same, and mitigate them before organisational IT systems are attacked.
- Continuously detect, analyse, and combat advanced cyber threats. Detect vulnerabilities and mitigate the associated cybersecurity risk before it affects the Bank.
- Search for evidence of active threats within the Bank’s technological environment that may have bypassed both preventative and detective controls using the latest threat hunting tools and techniques.
- Continuously strengthen the Bank’s cybersecurity posture through research, threat simulations, threat hunting, and offensive security engagements.
- Work with the wider Cybersecurity Intelligence Security Operations Centre (CISOC) technical teams to gain insight into critical information security controls and architecture specifics to develop effective threat hunting strategies and analytics that identify malicious behaviour accurately while maintaining a low false positive rate.
- Analyse and correlate large data sets to uncover novel threats and attack techniques that may be present within the Bank’s environments.
- Collaborate with Security and Threat Monitoring, Threat Intelligence, and Incident Response Specialists to identify opportunities to develop analytical methods to detect advanced threat actors who utilise emerging tactics, techniques, and procedures.
- Develop and document new and innovative threat hunt hypotheses and methodologies to augment the team’s ability to find existing or new cyber threats that are otherwise going unidentified or unnoticed.
- Act a thought leader in the design of cutting-edge detective, preventative, and proactive controls.
The Person:
For the above position, the successful applicant should meet the following criteria:
- Information Technology / Computer Science / Telecommunications / Engineering / (Electrical, Electronic) or related field
- Security certification such as Certified SOC Analyst (CSA),Certified Incident Handler (E|CIH),GIAC Certified Intrusion Analyst (GCIA,GIAC Certified Incident Handler (GCIH),GIAC Certified Forensic Analyst (GCFA),GIAC Reverse Engineering Malware (GREM),Certified Information Systems Auditor (CISA),Certified Information Systems Security Professional (CISSP),Certified Information Security Manager (CISM),Security+,Certified Information Systems Auditor (CISA).
- Have a minimum of 5 years’ experience in Technology with at least 2 years’ experience in Cybersecurity and Security Operations Centre / Security Monitoring / Endpoint Detection and Response / Network Detection and Response.
The Position:
The Cybersecurity Specialist, Incident Response is responsible for investigating security incidents as part of the Bank’s Cyber Security Incident Response Team (CSIRT) that may negatively impact the Bank, its customers, or partners (including hacking attempts, intrusions, malware infestations, mishandling of data/information, and other security threats). The Cybersecurity Specialist, Incident Response will further provide support during cyber incidents and investigations, and actively participate in threat hunting activities. The objective of this position is to ensure that the Bank can rapidly identify and effectively respond to cyber occurrences with minimal to no adverse impact on its data, information systems, technological infrastructure, reputation, customer confidence, or other tangible or intangible assets.
Key Responsibilities:
- Appropriately and practically defend the information enterprise in accordance with established policies, procedures, guidelines, and practices.
- Analyse security alerts and potential cybersecurity incidents to identify true security breaches.
- Create procedures, run books, high- and low-level documentation, processes and develop staff to respond to cybersecurity incidents more effectively.
- Investigate security breaches and make informed decisions towards containment, and recommendations for corrective action.
- Apply expertise in both endpoint and network analysis to ascertain the impact of an attack and develop threat trends and mitigation techniques and countermeasures that can prevent future attacks.
- Coordinate the analytic and investigative efforts of the Cyber Security Incident Response and Recovery Team (CSIRRT) along with any Technology incident response team as required during a critical cyber occurrence.
- Track emerging and realised threats including, but not limited to, mapping command-and-control infrastructure, investigating phishing campaigns, unearthing weaponised file/document techniques and patterns, as well as passing detection opportunities to the Cybersecurity Intelligence and Security Operations Centre (CISOC) and incident management teams.
- Research and provide technical security expertise on advanced persistent threats (APTs) affecting the financial services industry to senior management.
- Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
- Employ leading cybersecurity frameworks (like MITRE adversarial tactics, techniques, and common knowledge, National Institute of Standards and Technology Cybersecurity Framework, ISO 27001) to identify, counter and mitigate threats through the process of threat modelling.
The Person:
For the above position, the successful applicant should meet the following criteria:
- Information Technology / Computer Science / Telecommunications / Engineering / (Electrical, Electronic) or related field
- Security certification such as; Certified SOC Analyst (CSA),Certified Incident Handler (E|CIH),GIAC Certified Intrusion Analyst (GCIA),GIAC Certified Incident Handler (GCIH),GIAC Certified Forensic Analyst (GCFA),Certified Information Systems Auditor (CISA),Certified Information Systems Security Professional (CISSP),Certified Information Security Manager (CISM),Security+.
- Have a minimum of 5 years’ experience in Technology with at least 2 years’ experience in Cybersecurity and 1 year experience in Security Operations Centre / Security Monitoring.
The Position:
The Cybersecurity Specialist, Systems Administration is in charge of the daily operation of security monitoring systems. The role is responsible for the conceptualisation, acquisition, deployment, configuration, and daily management of security monitoring tools, platforms, products, appliances, and applications, whether on-premises or in the Cloud. The aim of this key role is to ensure the care, maintenance, and upkeep of the Cybersecurity Intelligence Security Operations Centre’s (CISOC) toolset, ensuring round-the-clock monitoring capability of the CISOC.
Key Responsibilities:
- Installing, configuring, deploying, administering, and troubleshooting the Bank’s security monitoring solutions on a day-to-day basis across the Group.
- Defending said systems against unauthorised access.
- Managing logical user access to the Cybersecurity Intelligence Security Operations Centre (CISOC) toolset.
- Keeping the CISOC toolset up-to-date as regards patches and hotfixes.Upgrading the CISOC toolset to take advantage of bugfixes and new features.
- Maximising the utilisation of the Bank’s Security Information and Event Management (SIEM), Database Activity Monitoring (DAM), and other security monitoring platforms to ensure maximal return on investment is realised.
- Supporting the administration of the wider Group Cybersecurity security platforms, such as the Web Application Firewall (WAF), Web proxy, Privileged Access Management (PAM), Endpoint Detection and Response (EDR), and vulnerability management solution.
- Researching on new technologies and the latest trends in security monitoring and cybersecurity incident response, and applying the findings to develop the strategic direction of the CISOC.
- Developing metrics to track the operation of the CISOC’s toolset.
- Reporting on the usage of the CISOC’s toolset to management.
The Person:
For the above position, the successful applicant should meet the following criteria:
- Information Technology / Computer Science / Telecommunications / Engineering / (Electrical, Electronic) or related field
- Security certification such as; Certified Information Systems Auditor (CISA),Certified Information Systems Security Professional (CISSP),Certified Information Security Manager (CISM),Security+,Any server/virtualisation/security platform administration certification.
- Have a minimum of 5 years’ experience in Technology with at least 2 years’ experience in Security Tools (SIEM, DAM, WAF, IDS/IPS) Administration and Security / Server / Network / Database / Cloud administration.
The Position:
The holder of the role will be responsible for developing and maintaining business capabilities of the enterprise in line with the corporate strategy as well as contributing to the business strategy and plans. Lead IT business process architecture (information and process design, modeling, mapping, documentation, improvement and\or enhancement) of all IT Systems in use by the Bank. Participate in IT System(s) procurement, development, implementation, and review to ensure that Business Process Architecture standards and methods are applied in line with Bank policy and best practice.
Key Responsibilities:
- Elicit business requirements using interviews, analysis, requirements workshops, surveys, site visits, business process descriptions, use cases, scenarios, business analysis, task and workflow analysis.
- Translates strategic initiatives into delivery-focused change initiatives, while translating business processes and issues into effective conceptual and logical models.
- Liaise with the Business subject matter experts in the development of business architectural framework developing a clear roadmap of Business solutions.
- Lead effort to work with business leaders to identify business capability needs and IT integration.
- Facilitate the identification and analysis of the Bank’s business drivers to deliver enterprise business, information, technical and solution architecture requirements.
- Function as a liaison to Business and IT partners in order to gain a broad understanding of industry trends and innovations, and their impact on technology.
- Provide an analysis to determine best path for solving business problems/opportunities that may include process improvement visa Vis information technology systems enhancement.
- Provide architectural oversight of projects and ensure that requirements are in alignment with business strategies and business architecture roadmap/framework.
- Build and maintain repository for deliverables, methodologies, and business development documents.
- Independently facilitate discussions with groups of diverse stakeholders and manage the flow of conversation while driving to meet business objectives.
- Manage conflict among diverse cross portfolio stakeholders related to competing interests and business requirements. Able to help stakeholders objectively examine real needs versus wants and ways to collaborate to achieve win/win resolutions.
- Leverages business capabilities as a platform for illustrating the link between business needs with decisions to their technology, solution, business and information architecture efforts.
The Person:
For the above position, the successful applicant should have the following:
- BSc. Information Technology / Computer Science / Telecommunications / Engineering / (Electrical, Electronic) or related field
- Have a minimum of 10 years’ experience in Technology with at least 7 years’ experience in in at least two IT disciplines such as (business architecture, application architecture, application development), at least 5 years’ experience in database management systems and at least 3 years’ experience working in a leading formal enterprise architecture framework.
- Exposure to multiple, diverse technologies and processing environments.
- Excellent understanding of software delivery processes and methodologies (i.e. waterfall, agile, hybrid).
- Exceptional interpersonal skills, including teamwork, facilitation and negotiation.
- Excellent planning and organizational skills with ability to breakdown complex items to actionable elements.
- Knowledge of all components of holistic enterprise architecture.
- Familiarity with graphical modeling approaches, tools and model repositories.
- Ability to balance the long-term ("big picture") and short-term implications on individual components and projects.
- Ability to liaise with all levels of management and subject matter experts across the industry and within the organization to drive adoption of Business Architecture.
- Highly developed soft skills, such as listening, empathy, and the ability to adjust communication style based on the audience.
- Strong teamwork and facilitation skills.
The Position:
The holder of the role will be responsible of leading a team of solution & data architects and will be responsible for solution-level decisions and analysis of their impact on the overall business goals and outcomes. The holder of this position leverages their knowledge of available technologies to propose the best solution to address the business requirements within the context of existing technology environment. The key deliverable of this role is to provide specifications for technology solutions and the strategy for their implementation.
Key Responsibilities:
- Analyzing enterprise specifics - Facilitate the identification, analysis and consideration of the Bank’s business drivers, information needs, technical capability needs, architecture requirements & constraints for the delivery of future proof solutions to the enterprise.
- Analyzing and documenting requirements - Elicit business requirements through interviews, requirements workshops, surveys, site visits, business process descriptions, use cases, scenarios, business analysis, task and workflow analysis.
- Setting the collaboration framework - Liaise with the Business subject matter experts in the development of clear roadmaps for Business solutions.
- Manage, lead and mentor Solution Architects in their day-to-day work deliverables and professional development
- Participating in technology selection - Participate in identifying fit for purpose technologies solutions for the Bank
- Analyzing the technology environment - Provide an analysis to determine best path for solving business problems/opportunities that may include process improvement vis a vis information technology systems enhancement.
- Controlling solution development - Participate in solution developments to ensure technical and business requirements are adhered to with minimal technical debt.
- Supporting project management - Provide architectural oversight in projects ensuring that requirements are in alignment with business strategies and guard railed within the approved architecture roadmap/frameworks
- Leverage’s business capabilities as a platform for illustrating the link between business needs with decisions to their technology, solution, business and information architecture efforts
- Translates strategic initiatives into delivery-focused technology change initiatives, while translating business processes and issues into effective conceptual and logical models.
- Lead effort to work with business leaders to identify business capability needs and IT integration
- Build and maintain repository for architecture deliverables, methodologies, frameworks, design patterns and decisions.
- Ability to independently manage competing interests and requirements while leading stakeholders to objectively examine real needs versus wants and ways to collaborate to achieve win/win resolutions.
The Person:
For the above position, the successful applicant should have the following:
- BSc. Information Technology / Computer Science / Telecommunications / Engineering / (Electrical, Electronic) or related field
- Have a minimum of 10 years’ experience in Technology with at least 7 years’ experience in in at least two IT disciplines such as (business architecture, application architecture, application development, middleware, microservices and SOA).
- Exposure to multiple, diverse technologies, cloud and processing environments.
- Prior working experience in a leading formal enterprise architecture framework
- Excellent understanding of software delivery processes and methodologies (i.e. waterfall, agile, hybrid) & DevOps.
- Exceptional interpersonal skills, including teamwork, facilitation and negotiation.
- Excellent planning and organizational skills with ability to breakdown complex items to actionable elements.
- Knowledge of all components of holistic enterprise architecture.
- Familiarity with graphical modeling approaches, tools and model repositories.
- Ability to balance the long-term ("big picture") and short-term implications on individual components and projects.
- Ability to liaise with all levels of management and subject matter experts across the industry and within the organization to drive adoption of Business Architecture.
- Highly developed soft skills, such as listening, empathy, and the ability to adjust communication style based on the audience.
- Strong teamwork and facilitation skills.