Cybersecurity Specialist, Identity & Access Management

KEY RESPONSIBILITIES:

• Implement and support the Bank’s identity and access management solution and processes in line with the Bank’s identity lifecycle management policies.
• Design, implement, and support the Bank’s privileged access management solution and processes in line with the Bank’s privileged access management policies and ensure the principle of least privilege.
• Develop a reporting mechanism based on metrics to monitor progress, to measure efficiency and effectiveness of the identity and access management program.
• Provide technical support in the design and implementation of identity/privileged access management in projects from inception through to successful implementationin a bid to ensure compliance to set identity/privileged access management standards.
• Assess the sufficiency of policies, standards and procedures relative to identity and privileged access management best practices.
• Perform and coordinate periodic user recertification exercises across the KCB Group landscape, report compliance failures to management and follow up for immediate remediation.
• Perform periodic privileged access audits across KCB group’s systems identifying excessive permissions granted and follow up for immediate remediation.
• Educate users on how to use identity and access management systems effectively proactively helping maintain a secure access environment and minimize the risk of unauthorized access.
• Provide input into technology security risk control self-assessments by leveraging specialized knowledge in identity/privileged access management.
• Conduct research and development on new areas in identity/privileged access management and perform knowledge sharing with Technology Security team across the group.

MINIMUM POSITION QUALIFICATION REQUIREMENTS

1. Academic & Professional

Particulars Detail Specific Field or Qualification Need Type[4] Education  Bachelors Degree BSc. IT or equivalent RQ Professional Qualifications

At least one: CISA or CISM or CISSP

Security+, CCSP, IAM certification from Microsoft, Oracle, Okta, Azure, AWS or Google

RQ

 

AA

  Masters Degree MBA/MSc AA  

 

2. Experience

Total Minimum No of Years’ Experience Required   5 Detail Minimum No of Years Need Type[5] Experience in Information Security 3 ES Experience in Identity and Access Management 2 ES Experience in Banking Operations 1 DE Experience in Project Implementation and user training 1 DE Experience in large busy technology environment  3 ES

KCB Group is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, 2016. The holding company oversees KCB Kenya – incorporated with effect from January 1, 2016 – and all KCB’s regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. It also owns KCB Insurance Agency, KCB Capital, KCB Foundation, National Bank of Kenya, and all associated companies. The holding company was set up to among other things to enhance the Group’s capacity to access unrestricted capital and also enable investment in new ventures outside banking regulations, achieve operational and strategic autonomy for the Group’s operating entities and enhance corporate governance across the Group and oversight in the management of subsidiaries. Related documentation:  Group Name Change,   Name Change Certificate,  KCB Advise on Non-Operating Holding Company,  KCB Group Structure,  Kenya Gazette Notice.