KCB Bank Kenya
Application Security Specialist

Nairobi | Full Time | Banking / Financial Services

Closing in 2 months ago

KEY RESPONSIBILITIES

  • Define, document, and implement software security policy, secure coding practices, and guidelines in line with industry best practices and regulatory requirements.
  • Develop and maintain a software security assurance framework to guide security and risk assessments of applications and provide security requirements for developers and third parties.
  • Ensure Information Security involvement in all software and application implementation projects to meet security requirements before production deployment.
  • Collaborate with Enterprise Architecture and Business Services teams to improve application security and integrate security controls in DevOps tools.
  • Conduct regular training on secure coding, software security, and application security practices for development and technology teams.
  • Continuously monitor and defend critical applications, such as core banking and digital channels, against cybersecurity threats and report on security measures taken.
  • Integrate and maintain security tools, such as SAST and DAST, within the Software Development Life Cycle (SDLC) and CI/CD pipelines.
  • Perform risk assessments for business solutions, identify inherent security risks, and provide recommendations to mitigate them.
  • Generate and deliver software/application security compliance reports and relevant metrics to Senior Management.
  • Protect the bank’s applications and systems by defining access privileges and implementing security control structures.

MINIMUM POSITION QUALIFICATION REQUIREMENTS

Academic & Professional

Education

  • Bachelor’s Degree in BSc. Information Technology, Computer Science, Telecommunications, Engineering (Electrical, Electronic), or equivalent (RQ)
  • Master’s Degree in MBA/MSc (AA)

Professional Qualifications

  • At least one Information Security certification is required:
    • CDP: Certified DevSecOps Professional
    • CEH: Certified Ethical Hacker
    • CSSLP: Certified Secure Software Lifecycle Professional
    • CISM: Certified Information Security Manager
    • CISA: Certified Information Systems Auditor
    • CISSP: Certified Information Systems Security Professional
  • More than one certification is an added advantage (AA)

Experience

  • Total Minimum Years of Experience Required – 5 years (ES)
    • Experience in Information Security – 2 years (ES)
    • Strong Application Security knowledge, Secure SDLC, and DevSecOps – 1 year (ES)
    • Experience in Banking Operations – 1 year (ES)
    • Experience in software development or scripting – 1 year (DE)
    • Experience in Project Implementation and user training – 1 year (DE)
