Audit Manager, Cyber Security at KCB Bank Kenya

The Position:

The Audit Manager, Cyber Security is a role within the Audit Division, reporting to the Head, Information Systems Audit. The role holder will give objective and independent assurance that the bank’s Information Systems are appropriate, well utilized, reliable and secure while giving commensurate recommendations on areas of improvement.

Key Responsibilities:

• Contribute to conducting cyber risk assessment for assigned audit assignments
• Perform IT general and IT application control reviews on information systems to give assurance on effectiveness and efficiency of control environment, and compliance to KCB Group policies and Central Bank of Kenya (CBK) Prudential guidelines.
• Perform independent threat and vulnerability assessment tests and report on cyber risks and controls of the ICT systems within the bank and other related third-party connections.
• Conduct comprehensive penetration tests of the bank’s web-based applications, mobile applications, networks, and ICT systems to assess the effectiveness of the cybersecurity framework implemented by the bank.
• Documents the results of audit work in accordance with internal audit guidelines and the Institute of Internal Auditors (IIA) standards.
• Share knowledge, skills, and experience with team members.
• Perform other related duties as assigned.

The Person:

For the above position, the successful applicant should have the following:

• Bachelor’s Degree from a recognized University in Information Technology, Electrical Engineering, Computer Science, or related field.
• Professional Qualifications in Information Systems Audit / Security- CISA/CISM/CISSP
• Professional Qualifications in Penetration Testing - CEH/ LPT/OSCP/CCIE Security/CSX Practitioner
• 4 years’ progressive experience in Audit with at least 2 years’ experience in IS Audit and Cyber Security Reviews, Vulnerability Assessments and Penetration Testing.