Manager, Vendor Risk Assessments at KCB Bank Kenya

Job Description (adsbygoogle = window.adsbygoogle || []).push({}); Kenya Commercial Bank Limited is registered as a non-operating holding company which started operations as a licensed banking institution with effect from January 1, . The holding company oversees KCB Kenya – incorporated with effect from January 1, – and all KCB’s regional units in Uganda, Tanzania, Rwanda, Burundi, Ethiopia and South Sudan. It also owns KCB Insurance Agency, KCB Capital, KCB Foundation and all associate companies. The holding company was set up to among other things to enhance the Group’s capacity to access unrestricted capital and also enable investment in new ventures outside banking regulations, achieve operational and strategic autonomy for the Group’s operating entities and enhance corporate governance across the Group and oversight in management of subsidiaries.Key Responsibilities Focus on threat intelligence management to proactively gather, process and analyze threat data.Assist IT teams in using the appropriate methods, tools, and techniques to detect and mitigate cyber threats.Search for security gaps by performing risk assessment, penetration testing, and identifying internal risks.Coordinate with the management team to resolve the cyber threats and oversee patching of the security system to prevent the same attack from recurring.Advance the skills with the latest technologies and tricks in cybersecurity.Reviewing System Security Configurations for effectiveness and recommend appropriate settings.Process new vendor risk classifications as vendors are on-boarded.Initiate vendor due diligence searches (business searches, Westlaw, OFAC) and file results in vendor folder.Ensure Vendor Risk Management policy and procedures, and KCB Manager tool capabilities are implemented according to approved policy.Validate incoming supplier engagements, working with business partners to ensure data is complete and accurate and inherent risks are identified.Conduct periodic third-party risk assessments. The PersonFor the above position, the successful applicant should have the following: A bachelor’s degree in computer science/ Information Technology or IT related degree.A professional certification in either of the following: CISA, CISM, CRISC,At Least 2 years’ experience of full understanding and command of SQL programming language and fourth generation language C sharp or VB.net programming language. At least 2 years’ prior experience with database Management especially oracle or SQL Server /,At least 2 years’ experience in Experience in object-oriented programming. (Preferably using .NET framework)