
Application Security Specialist
KCB Bank Kenya
Nairobi | Full Time | Banking / Financial Services
Closing in 2 months ago
KEY RESPONSIBILITIES
- Define, document, and implement software security policy, secure coding practices, and guidelines in line with industry best practices and regulatory requirements.
- Develop and maintain a software security assurance framework to guide security and risk assessments of applications and provide security requirements for developers and third parties.
- Ensure Information Security involvement in all software and application implementation projects to meet security requirements before production deployment.
- Collaborate with Enterprise Architecture and Business Services teams to improve application security and integrate security controls in DevOps tools.
- Conduct regular training on secure coding, software security, and application security practices for development and technology teams.
- Continuously monitor and defend critical applications, such as core banking and digital channels, against cybersecurity threats and report on security measures taken.
- Integrate and maintain security tools, such as SAST and DAST, within the Software Development Life Cycle (SDLC) and CI/CD pipelines.
- Perform risk assessments for business solutions, identify inherent security risks, and provide recommendations to mitigate them.
- Generate and deliver software/application security compliance reports and relevant metrics to Senior Management.
- Protect the bank’s applications and systems by defining access privileges and implementing security control structures.
MINIMUM POSITION QUALIFICATION REQUIREMENTS
Academic & Professional
Education
- Bachelor’s Degree in BSc. Information Technology, Computer Science, Telecommunications, Engineering (Electrical, Electronic), or equivalent (RQ)
- Master’s Degree in MBA/MSc (AA)
Professional Qualifications
- At least one Information Security certification is required:
  - CDP: Certified DevSecOps Professional
  - CEH: Certified Ethical Hacker
  - CSSLP: Certified Secure Software Lifecycle Professional
  - CISM: Certified Information Security Manager
  - CISA: Certified Information Systems Auditor
  - CISSP: Certified Information Systems Security Professional
- More than one certification is an added advantage (AA)
Experience
- Total Minimum Years of Experience Required – 5 years (ES)
- Experience in Information Security – 2 years (ES)
- Strong Application Security knowledge, Secure SDLC, and DevSecOps – 1 year (ES)
- Experience in Banking Operations – 1 year (ES)
- Experience in software development or scripting – 1 year (DE)
- Experience in Project Implementation and user training – 1 year (DE)