Kenya Commercial Bank Limited is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya - incorporated with effect from January 1, 2016 - and all KCB's regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. It als...

Responsibilities or duties

• Monitor user and system activity to identify suspicious activities leveraging on security systems
• Monitor network activity and investigate anomalous events and traffic trends
• Check security monitoring status of systems on monitoring tools and initiate remediation of noted gaps
• Monitor alerts and alarms from security monitoring tools and initiate corrective actions
• Configure and fine tune security monitoring systems to make sure the bank is sufficiently protected
• Administer security tools ensuring optimal uptime and resource utilization
• Investigate suspicious user and system events and identify breaches and root cause.
• Mitigate intrusion attempts through proactive response to incidents
• Prepare manual and scheduled reports for various stakeholders
• Research and stay up to date on technology and cybersecurity trends

DAILY RESPONSIBILITIES

• Monitor event logs from various systems (firewalls, email, web and DNS, databases, etc.) to identify suspicious activities or attacks, intrusions, and unusual, unauthorised, or illegal activity
• Perform incident drilldowns and investigations and escalate validated incidents to designated incident response teams
• Follow up on security incidents with relevant support teams and ensure timely resolution
• Administer the performance, resource utilisation and overall health of the Bank’s security monitoring tools
• Prepare and circulate SOC management reports and dashboards

Qualifications or requirements

Academic and Professional

Education

Bachelor’s Degree BSc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field RQ

Professional Certifications

Certified SOC Analyst (CSA)/ Certified Incident Handler (E|CIH)/ Certified Threat Intelligence Analyst (CTIA)/ Certified Information Systems Security /Professional (CISSP)/ Certified Ethical Hacker (CEH)/ PENTEST+ Security+ Certified Information Systems Auditor (CISA) Certified Information Security Manager (CISM) RQ

Particulars Detail Specific Field or Qualification Need Type

Any vendor-specific SIEM certification (Splunk, QRadar, LogRhythm, ArcSight, AlienVault, etc.) AA

Any vendor-specific information security certification AA

Master’s Degree MBA / MSc Cybersecurity / Information Systems Security / IT Security / IT AA

Experience needed

Total Minimum Number of Years of IT Experience Required

2 Years

Detail Minimum No. of Years Need Type

Experience in Cybersecurity 1 ES

Experience in System/ Network/ Database or Cloud Platform Administration, or Application Development 1 DE

• Monitor user and system activity to identify suspicious activities leveraging on security systems
• Monitor network activity and investigate anomalous events and traffic trends
• Check security monitoring status of systems on monitoring tools and initiate remediation of noted gaps
• Monitor alerts and alarms from security monitoring tools and initiate corrective actions
• Configure and fine tune security monitoring systems to make sure the bank is sufficiently protected
• Administer security tools ensuring optimal uptime and resource utilization
• Investigate suspicious user and system events and identify breaches and root cause.
• Mitigate intrusion attempts through proactive response to incidents
• Prepare manual and scheduled reports for various stakeholders
• Research and stay up to date on technology and cybersecurity trends
• Monitor event logs from various systems (firewalls, email, web and DNS, databases, etc.) to identify suspicious activities or attacks, intrusions, and unusual, unauthorised, or illegal activity
• Perform incident drilldowns and investigations and escalate validated incidents to designated incident response teams
• Follow up on security incidents with relevant support teams and ensure timely resolution
• Administer the performance, resource utilisation and overall health of the Bank’s security monitoring tools
• Prepare and circulate SOC management reports and dashboards

• SIEM (Splunk, QRadar, LogRhythm, ArcSight, AlienVault)
• Information Security
• Cybersecurity
• System Administration
• Network Administration
• Database Administration
• Cloud Platform Administration
• Application Development

• Bachelor’s Degree in Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field
• Certified SOC Analyst (CSA)
• Certified Incident Handler (E|CIH)
• Certified Threat Intelligence Analyst (CTIA)
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• PENTEST+
• Security+
• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Any vendor-specific SIEM certification (Splunk, QRadar, LogRhythm, ArcSight, AlienVault, etc.)
• Any vendor-specific information security certification
• Master’s Degree in MBA / MSc Cybersecurity / Information Systems Security / IT Security / IT