Jobs at KCB Bank Kenya
Website :
522 Days Ago
Linkedid Twitter Share on facebook
Kenya Commercial Bank Limited is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya - incorporated with effect from January 1, 2016 - and all KCB's regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. 

Senior Manager, Continuous Audit and Automation

The Position: 

The Information System Audit department is a function within the Audit Division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Reporting to the Head, Information Systems Audit, the Senior Manager, Continuous Audit and Automation will champion the automated assurance initiatives across the Group leading to higher levels of assurance and continuous auditing of controls.

Key Responsibilities:

  • Provide leadership in the management and support of the Continuous Auditing Platform (i.e., Alessa), CAATs Solution (i.e., IDEA) and Data-driven Assurance Platform (i.e., Microsoft Power Platform—Power BI, Power Apps, Power Automate, and Power Virtual Agents).
  • Lead identification of automation assurance opportunities by facilitating business process control understanding workshops and walkthroughs with respective audit teams in the Group.
  • Liaise with the Technology team to ensure any data gaps in the Enterprise Data Warehouse are addressed to ensure that the required audit tests can be automated.
  • Lead the automation of identified audit control tests in the Group (i.e., scripting, development, testing) and schedule the automated audit tests in Alessa for continuous auditing.
  • Review the documentation of the automated audit tests in Test Portal for completeness, validity, and accuracy.
  • Lead engagements with respective audit teams in the Group to address and remediate false positive exceptions generated by the automated audit control tests Review and update the continuous auditing and audit issue tracking visualization dashboards for completeness, accuracy, and validity.
  • Undertake preparation of continuous audit reports and communication of audit findings to the respective auditees for tracking in Teammate and remediation.
  • Share knowledge, skills, and experience with team members.
  • Maintain respectful and effective communications and relationships with key stakeholders.

The Person:

For the above position, the successful applicant should meet the following criteria:

  • Bachelor's Degree in Information Technology, Finance, Electrical Engineering, Computer Science, Business Intelligence & Data Analytics, or a Related field from a university recognized by Commission for University Education.
  • Must Possess CISA / CISM / Google Data Analytics Certification or a related information systems audit or data analytics certification.
  • Master's degree is an added advantage
  • A minimum 8 years' experience in IT and/or IT Audit covering 5 years in Data Analytics, data extraction, data transformation, and scripting experience and 2 years in implementing, managing, and administering continuous auditing systems.
  • Must possess proficiency in data analytics using tools and scripting languages e.g., Python, R, SQL, etc.
  • Must possess proficiency in using IDEA CAATs and IDEA Scripting.
  • Must possess proficiency in using Data Visualization tools e.g., MS Power BI, Tableau, etc.
  • Must possess excellent audit report writing and presentation skills.
  • Must possess excellent customer service skills, strong business analytical skills, superior communication, and inter-personal skills.
  • Must possess effective planning, organizing and problem-solving skills.

To be considered your application must be received by Thursday, 22nd December 2022.

 

Manager, Continuous Audit and Automation

The Position: 

The Information System Audit department is a function within the Audit division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Reporting to the Senior Manager, Continuous Audit and Automation, the Manager, Continuous Audit and Automation will support the automated assurance initiatives across the Group leading to higher levels of assurance and continuous auditing of controls.

Key Responsibilities:

  • Manage and support the Continuous Auditing Platform (i.e., Alessa), CAATs (i.e., IDEA) and Data-driven Assurance Platform (i.e., Microsoft Power Platform—Power BI, Power Apps, Power Automate, and Power Virtual Agents).
  • Assist in the identification of automation assurance opportunities by participating in business process control understanding workshops and walkthroughs with respective audit teams in the Group.
  • Liaise with the Technology team to ensure any data gaps in the Enterprise Data Warehouse are addressed to ensure that the required audit tests can be automated.
  • Perform the automation of identified audit control tests in the Group (i.e., scripting, development, testing) using scripting languages such as IDEA Script, Python, R, SQL, etc. 
  • Schedule the automated audit tests in Alessa for continuous auditing.
  • Document the automated audit tests in the Test Portal.
  • Engage with respective audit teams in the Group to address and remediate false positive exceptions generated by the automated audit control tests
  • Develop and maintain the continuous auditing and audit issue tracking visualization dashboards using Power BI. 
  • Liaise with third-party vendors on troubleshooting of technical system errors encountered, upgrade installations, and new feature roll out for the Continuous Auditing Program/systems.
  • Perform other related duties as assigned.

The Person:

For the above position, the successful applicant should have the following:

  • Bachelor's Degree in Information Technology, Finance, Electrical Engineering, Computer Science, Business Intelligence & Data Analytics, or a Related field from a university recognized by Commission for University Education.
  • Must Possess CISA / CISM / Google Data Analytics Certification or a related information systems audit or data analytics certification.
  • Master's degree is an added advantage
  • A minimum 5 years' experience in IT and/or IT Audit covering 3 years in Data Analytics, data extraction, data transformation, and scripting experience.
  • Must possess proficiency in data analytics using tools and scripting languages e.g., Python, R, SQL, etc.
  • Must possess proficiency in using IDEA CAATs and IDEA Scripting.
  • Must possess proficiency in using Data Visualization tools e.g., MS Power BI, Tableau, etc.
  • Must possess excellent audit report writing and presentation skills.
  • Must possess excellent customer service skills, strong business analytical skills, superior communication, and inter-personal skills.
  • Must possess effective planning, organizing and problem-solving skills.

To be considered your application must be received by Thursday, 22nd December 2022.

 

Senior Manager, Cybersecurity Audit

The Position: 

The Information System Audit department is a function within the Audit division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Reporting to the Head, Information Systems Audit, the Senior Manager, Cybersecurity Audit exists to lead cyber security related audits and advisory assignments across the Group that will give objective and independent assurance that the bank’s Information Systems and ICT infrastructure are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Key Responsibilities:

  • Provide leadership in individual Cyber Security related audit and advisory assignments.
  • Conduct cyber security risk assessment to develop the annual internal audit plan.
  • Lead the execution of independent threat and vulnerability assessment and penetration test audits of the bank’s ICT systems to assess the effectiveness of the cybersecurity control framework and report on cyber risks noted.
  • Lead walkthroughs, testing of controls, and negotiating potential issues for Technology audits within the cybersecurity and infrastructure portfolio, including scope areas such as identity and access management, asset classification, network security, operating system security, database security, web application security, mobile application security, public cloud (AWS/GCP/Azure) environments, vulnerability management, endpoint protection, etc.
  • Present to the area management the results, recommendations, and conclusions of the cyber security audit reviews.
  • Undertake preparation of audit reports and communication of audit findings
  • Reviews the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
  • Share knowledge, skills, and experience with team members.
  • Maintain respectful and effective communications and relationships with key stakeholders.
  • Value-add activities including provision of consultancy to projects undertaken by the business.

The Person:

For the above position, the successful applicant should have the following:

  • Bachelor's Degree in Information Technology, Electrical Engineering, Computer Science, Business, or a Related field from a university recognized by Commission for University Education.
  • Must Possess LPT/Offensive Security Certified Professional (OSCP)/CCIE Security/CSX Practitioner/ Certified Red Team Expert (CRTE) or a related penetration testing or red team exercise certification.
  • Master's degree is an added advantage
  • A minimum 8 years' experience in IT Security and/or IT Audit covering 5 years in Cyber Security Reviews and Vulnerability Assessments and 5 years in Red Team Exercises and/or Penetration Testing Experience.
  • Must possess proficiency in using penetration testing tools e.g., Kali Linux, Nessus, Nipper, Burp suite, Metasploit framework, Wireshark, Acunetix, Netsparker, Mobsf, Frida, BeEF, Objection etc.
  • Must possess proficiency in performing security assessments on operating systems, database management systems, web applications and mobile applications. 
  • Must possess excellent audit report writing and presentation skills.
  • Must possess excellent customer service skills, strong business analytical skills, superior communication, and inter-personal skills.
  • Must possess effective planning, organizing and problem-solving skills.

To be considered your application must be received by Thursday, 22nd December 2022.

 

Manager, Cyber Security Audit

The Position: 

The Information System Audit department is a function within the Audit division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Reporting to the Senior Manager, Cyber Security Audit, the Manager, Cyber Security Audit will carry out cyber security related audits and advisory assignments across the Group that will give objective and independent assurance that the bank’s Information Systems and ICT infrastructure are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Key Responsibilities:

  • Conduct cyber risk assessment for assigned cyber security audit and advisory assignments.
  • Perform independent threat and vulnerability assessment and penetration test audits of the bank’s ICT systems to assess the effectiveness of the cybersecurity control framework and report on cyber risks noted.
  • Conduct walkthroughs, testing of controls, and negotiating potential issues for Technology audits within the cybersecurity and infrastructure portfolio, including scope areas such as identity and access management, asset classification, network security, operating system security, database security, web application security, mobile application security, public cloud (AWS/GCP/Azure) environments, vulnerability management, endpoint protection, etc.
  • Documents the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
  • Share knowledge, skills, and experience with team members.
  • Perform other related duties as assigned.

The Person:

For the above position, the successful applicant should meet the following criteria:

  • Bachelor's Degree in Information Technology, Electrical Engineering, Computer Science, Business, or a Related field from a university recognized by Commission for University Education.
  • Must Possess CISA/CISM/CISSPor a related Information Systems Audit / Security certification.
  • Must Possess LPT/Offensive Security Certified Professional (OSCP)/CCIE Security/CSX Practitioner/ Certified Red Team Expert (CRTE) or a related penetration testing or red team exercise certification.
  • Master's degree is an added advantage
  • A minimum 5 years' experience in IT Security and/or IT Audit covering 3 years in Cyber Security Reviews and Vulnerability Assessments and 3 years in Red Team Exercises and/or Penetration Testing Experience.
  • Must possess proficiency in using penetration testing tools e.g., Kali Linux, Nessus, Nipper, Burp suite, Metasploit framework, Wireshark, Acunetix, Netsparker, Mobsf, Frida, BeEF, Objection etc.
  • Must possess proficiency in performing security assessments on operating systems, database management systems, web applications and mobile applications. 
  • Must possess proficiency in the use of audit management software e.g., TeamMate.
  • Must possess excellent audit report writing and presentation skills.
  • Must possess excellent customer service skills, strong business analytical skills, superior communication, and inter-personal skills.
  • Must possess effective planning, organizing and problem-solving skills.

To be considered your application must be received by Thursday, 22nd December 2022.

 

Manager, Information Systems Audit

The Position:

The Information System Audit department is a function within the Audit division. The department is responsible for providing objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Reporting to the Senior Manager, Information Systems Audit, the Manager, Information Systems Audit will carry out Information System / Technology related audits and advisory assignments across the Group that will give objective and independent assurance that the bank’s Information Systems and ICT infrastructure are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Key Responsibilities:

  • Participate and contribute to the Technology and Information Systems risk assessment process to develop the annual Group IS audit plan.
  • Plan and complete IS audit and advisory assignments involving Technology assurance in consultation with the Senior Manager, IS Audit and Head, IS Audit according to the approved Group IS audit plan within the defined timelines.
  • Develop in consultation with the Senior Manager, IS Audit appropriate audit tests and programs aimed at efficiently and effectively testing Technology Assurance levels.
  • Perform IT Governance, IT general and IT application control reviews on information systems and Technology environment to give assurance on the effectiveness and efficiency of the control environment, and compliance to KCB Group policies, International Standards (ISO 27001, ISO 22301, PCI DSS, NIST 800, etc.), and Regulatory requirements and guidelines.
  • Perform data analytics-based audit procedures as part of IT application reviews to test the completeness, accuracy, and validity of master and transactional data using CAATs tools and submit to the continuous auditing team for subsequent automation.
  • Perform ongoing project assurance and post implementation reviews on Technology related projects.
  • Follow up and verify closure of IS audit issue action plans as per stakeholder engagement agreements and track to completion within agreed timelines.
  • Documents the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
  • Maintain pro-active approach to risk assessment through market intelligence, continuous engagements with stakeholders to understand business dynamics and through data analytics.
  • Share knowledge, skills, and experience with team members.

The Person:

For the above position, the successful applicant should meet the following criteria:

  • Bachelor's Degree in Information Technology, Electrical Engineering, Computer Science, Business, or a Related field from a university recognized by Commission for University Education.
  • Must Possess CISA/CISM/CISSP or a related IT audit or IT security certification.
  • Master's degree is an added advantage
  • A minimum 5 years' experience in IT / IS Audit covering 3 years in IT Governance review, IT project assurance, and Information Systems Audit Experience.
  • Must possess proficiency in performing IT governance, IT project assurance, IT general and IT application controls reviews.
  • Must possess proficiency in performing data analytics using CAATs tools and SQL.
  • Must possess proficiency in the use of audit management software e.g., TeamMate.
  • Must possess excellent audit report writing and presentation skills.
  • Must possess excellent customer service skills, strong business analytical skills, superior communication, and inter-personal skills.
  • Must possess effective planning, organizing and problem-solving skills.

To be considered your application must be received by Thursday, 22nd December 2022.

 

Manager, Business Continuity Planning & Compliance

The Position: 

The role is under Technology BCM Unit within Technology Infrastructure Department. The role is responsible for supporting the implementation of ICT business continuity and disaster recovery plans, procedures and solutions, including risk assessments, business impact analysis and documentation in line with IT policy and procedures and in a manner that provides effective continuity or restoration of ICT infrastructure and systems for business.

The role holder will be responsible for ensuring that all technical components of the Business Continuity Plans are successfully tested at least quarterly, or whenever significant changes are made to those components. Coordinate IT disaster response/crisis management activities in compliance with the IT emergency plan and helps provide and coordinate disaster preparedness training, helping ensure business continuity. Help ensure compliance with all applicable state and local laws, regulations, and ordinances with respect to the Bank’s information technologies.

Key Responsibilities:

  • Assists with developing and documenting tactical business continuity and IT disaster recovery plans and understand their interdependencies. 
  • Implement IT risk management procedures, business continuity scenarios, and contingencies and advises on business continuity and disaster recovery plans. 
  • Coordinates the implementation of IT disaster recovery test plans, testing, and documentation for each application. 
  • Engages application and systems management in disaster recovery testing, objectives and auditing. 
  • Performs on-going risk analysis of existing IT disaster recovery plans. 
  • Assists with the execution of the business continuity and IT disaster recovery plan(s). 
  • Manage the rehearsal program for testing the plans in accordance with the requirements, reporting on the outcome of such testing. 
  • Provide management support and administration for the Bank’s Incident Management Team, including activating incident escalation processes and coordinating the response to the early stages of an incident.
  • Ensuring IT DR plans are regularly tested with the participation of relevant stakeholders including external representatives and ensure accurate records are maintained for audit purposes.
  • Work with the IT technical staff to ensure that disaster recovery solutions are adequate, in place, maintained, and tested as part of the regular operational life cycle.

The Person:

For the above position, the successful applicant should meet the following criteria:

  • Bachelor’s Degree in Computer Science, Information Systems, Information Security, or a related IT field.
  • Professional Qualifications in either CISA, CISSP, AMBCI, MBCI, ITIL, CBCP is required.
  • 4 years Technology experience.
  • At least 3 years’ experience in current business continuity and disaster recovery planning techniques and technologies, as well as the methods used in performing risk analyses and business impact analyses.
  • 2 years’ experience in Core IT applications. 
  • 1 year experience in current recovery solutions & high availability architectures. 
  • 1 year experience in Vendor Management.
  • 1 year experience in People Management/Managing Teams.

To be considered your application must be received by Tuesday, 27th December 2022.

 

Method of Application


Job Info
Job Category: Several Jobs in one Advert jobs in Kenya
Job Type: Full-time
Deadline of this Job: 22 December 2022  
Duty Station: Nairobi
Posted: 13-12-2022
No of Jobs: 6
Start Publishing: 13-12-2022
Stop Publishing (Put date of 2030): 13-12-2065
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.