BANK

Cybersecurity Analyst, Third Party Cybersecurity

The Analyst, Third Party Cybersecurity is responsible for assessing and managing cybersecurity risks associated with our third-party vendors and partners. The position will play a critical role in ensuring the security and integrity of KCB Group’s data and systems by evaluating the cybersecurity posture of external entities and recommend risk management strategies. The objective of this position is to ensure cyber risks attendant to third parties are managed proactively.

The role works closely with the various teams in Group Cybersecurity, Enterprise Risk, Sourcing and technology teams to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls.

Key Responsibilities

  • Conduct comprehensive cybersecurity risk assessments of third-party vendors and partners to evaluate their security controls and practices.
  • Ensure alignment to third-party cybersecurity risk management framework and related policies and procedures.
  • Collaborate with internal stakeholders, including sourcing, legal, and Technology teams, to assess contractual agreements and ensure cybersecurity requirements are met.
  • Monitor and track third-party cybersecurity incidents, vulnerabilities, and compliance with contractual obligations, and collaborate with the Cybersecurity Intelligence and Security Operations Centre (CISOC) to respond.
  • Provide expertise and guidance on cybersecurity risk mitigation strategies to mitigate risks associated with third-party relationships.
  • Prepare detailed third-party risk assessment reports and present findings and recommendations to senior management and stakeholders.
  • Provide input into Cyber Security risk and control self-assessments by leveraging knowledge in third party cyber security and mitigating information and cyber risks identified by various assurance teams such as Information Risk and Audit.
  • Stay current with industry trends, emerging threats, and best practices in third-party risk management and cybersecurity.
  • Support in the development, management, implementation, and delivery of the security awareness program for both third parties and internal staff in liaison with Learning and Development, and Sourcing.

 The Person

For the above position, the successful applicant should have the following:

  • Bachelor's degree in information technology/computer science/Telecommunications / Engineering (Electrical, Electronic) or related field
  • At least one security certifications from the list: CISA, CISM, CISSP, CRISC, GIAC Certifications, CEH, COBIT, ISO270001 Implementor/Auditor.
  • At least 2 years' experience in IT/Information/Cyber security  
  • At least 1 year experience in third party management, third party engagements, working with a third party, auditing third parties

The above position is a demanding role for which the Bank will provide a competitive remuneration package to the successful candidate. If you believe you can clearly demonstrate your abilities to meet the criteria given above, please log in to our Recruitment portal and submit your application with a detailed CV.

 

To be considered your application must be received by Friday 18th October 2024

Qualified candidates with disability are encouraged to apply.

Only short-listed candidates will be contacted.

Apply Now
Uploaded: 2024-10-08 00:00:00 Deadline: 2024-10-18 00:00:00 Reference Number: 3175