Vulnerability Management Specialist, Cybersecurity

The Vulnerability Management Specialist is responsible for maintaining a vulnerability management framework for the Group, recommending appropriate controls, and maintaining a risk register.  The role will also be responsible for the delivery and management of simple and effective vulnerability management tools and solutions for the bank that meet both market and industry expectations in accordance with KCB Group’s business objectives, regulatory requirements, and strategic goals.

Key Responsibilities; -

• Design, implement, and maintain a comprehensive vulnerability management framework covering on-prem, cloud, and containerized environments as necessary for the protection of KCB Group information assets.
• Administer and optimize vulnerability management tools, including those for external attack surface monitoring and cloud security posture management.
• Serve as SME for vulnerability assessments across traditional infrastructure, cloud platforms and container ecosystems.
• Manage vulnerability lifecycle, including prioritization, remediation tracking, and reporting for internal and external assets.
• Integrate vulnerability management processes with SIEM/SOAR and other Security platforms for automated alerting and response.
• Conduct research on emerging threats, zero-day vulnerabilities, and security best practices.
• Provide technical guidance to system owners on secure configurations and remediation strategies.
• Ensure compliance with regulatory requirements and industry standards pertaining to Vulnerability Management.
• Develop and maintain vulnerability scoring and risk prioritization models for enterprise-wide reporting.
• Act as Vulnerability Management SME in projects, providing advisory and validation of security controls throughout the lifecycle as needed.

The Person

For the above position, the successful applicant should have the following:

• B.Sc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field is required.
• Professional Qualifications: Cybersecurity certification in either CISA/ CISM/ CISSP/ Security+/CEH at least one or an equivalent is required.
• Professional Qualifications: Penetration Testing /Cybersecurity Assurance Certification in either OSCP/ CPT/ LPT/ PenTest+/ ECSA/ CHFI/CCNA CyberOps any Cloud Security (AWS/Azure/GCP) certificates / Container Security (Kubernetes/Docker) is added advantage.
• Master’s Degree in MBA / MSc is added advantage.
• Total minimum No of 5 years of experience required in a Supervisory role.
• 2 years of experience in Cybersecurity.
• 2 years of experience in System/ Network/ Database or Cloud Platform Administration
• 1 year of experience in Vulnerability Management.
• 1 year of experience in Security Testing / Penetration Testing.

The above position is a demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.

To be considered your application must be received by Friday, 05^th December 2025.

Qualified candidates with a disability are encouraged to apply.

Only short-listed candidates will be contacted.