Application Security Specialist
Kenya
KCB Group
- Define, document, and implement software security policy, secure coding practices and guidelines for the bank in line with industry best practices and technologies commensurate with risk and regulatory requirements.
- Develop, implement, and maintain a software security assurance framework which that shall guide information security team in security and risk assessments of applications, as well as provide security requirements for developers and third parties to adhere to.
- Lead Information Security involvement in all software and application implementation projects and scrum teams to ensure all applications and changes meet set information security requirements before introduction to production environments.
- Collaborate with Enterprise Architecture and Business Services & Solutions teams to identify application/software security improvements and plug-in identified security controls in DevOps tools.
- Perform and coordinate regular trainings on secure coding, software security and application security practices for the development and other KCB technology teams at regular intervals.
- Collaborate in the continuous monitoring and defense of the Bank’s critical applications, such as core banking, and digital channels, for cybersecurity threat indicators; report on violations and security measures taken to address threats.
- Identify, integrate, and maintain security tools, such as SAST and DAST tools (Static/Dynamic Application Security Testing), standards, and processes into the software development or product life cycle (SDLC / PLC), and CI/CD pipelines.
- Participate in performing risk assessments for business solutions for inherent security risks and provide recommendations for addressing such risks.
- Define, create, and deliver software/application security compliance reports and relevant metrics to the Bank’s Senior Management.
- Protects the bank’s applications and systems by defining access privileges and other security control structures.
Education:
Particulars Detail Specific Field or Qualification Need Type4 Education Bachelor’s DegreeBSc. Information Technology /
Computer Science / Telecommunications / Engineering (Electrical, Electronic)
RQ Professional Qualifications- CDP: Certified DevSecOps Professional
- CSSLP: Certified Secure Software Lifecycle Professional
- CISM: Certified Information Security Manager
- CISA: Certified Information Systems Auditor
- CISSP: Certified Information Systems Security Professional
1 RQ
More than 1
- AA
Master’s Degree MBA/MSc AAExperience:
Total Minimum No of Years Experience Required5
DetailMinimum No of Years
Need Type[1]
Experience in Information Security2
ES
Strong Application Security
knowledge, experience within Secure SDLC and DevSecOps
1
ES
Experience in Banking Operations1
ES
Experience in Project Implementation and user training1
DE
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Banking CI/CD CISA CISM CISSP Compliance Computer Science DAST DevOps DevSecOps Governance Monitoring Risk assessment SAST Scrum SDLC
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs