Cybersecurity Analyst job at KCB Bank

Job Description

Job Summary

The Cybersecurity Analyst will be responsible for protecting the organization’s information systems and digital assets by monitoring, detecting, analyzing, and responding to cybersecurity threats. The role supports the implementation of security controls, incident response, and compliance with cybersecurity policies and regulatory requirements. This position is ideal for a technically skilled professional with strong analytical capabilities and experience in information security operations.

Key Duties & Responsibilities

• Design, implement, and maintain data security controls such as data classification, labelling, encryption, and data loss prevention (DLP), across systems, applications, and cloud platforms.
• Develop and maintain data security policies, standards, procedures and Minimum-Security Configuration Baseline Standards in line with industry best practices and regulatory requirements.
• Ensure compliance with applicable regulations and frameworks (e.g., Kenya Data Protection Act, ISO 27001, GDPR, and/or other relevant standards).
• Collaborate with the Cybersecurity Intelligence and Security Operations Centre (CISOC) in the continuous monitoring and defense of the Bank’s infrastructure against cybersecurity threat.
• Support secure adoption of new technologies, applications, and platforms to ensure cybersecurity requirements are met before introduction to production environments.
• Lead the end-to-end vulnerability management lifecycle for databases and datastores by executing assessments across cloud and on-premises infrastructure, performing risk-based prioritization, and collaborating with cross-functional teams to remediate and continuously report on compliance.
• Support cybersecurity risk assessments and remediation by leveraging technical knowledge to remediate gaps identified by assurance teams such as Information Risk and Audit teams.
• Support internal and external audits related to data security and privacy.
• Continuous research and provide technical expertise across the different business and technical functions, conduct data security awareness and user training sessions across the group.

Educational Qualifications, Experience, & Skills Required

• Bachelor’s Degree T / Computer Science or related field
• Experience in Cyber Security 2 years
• Security certification such as:
• SC-401: Information Protection Administrator Associate CISA: Certified Information Systems Auditor.
• CISM: Certified Information Security Manager 
• CISSP: Certified Information Systems Security Professional
• SSCP: Systems Security Certified Practitioner. 
• CompTIA Security+
• ISO27001
• OSCP: Offensive Security Certified Professional. 
• ETC
• Certified Information Privacy Professional (CIPP)
• SC-900: Microsoft Security, Compliance, and Identity Fundamentals, CyberOps Professional, Certified Ethical Hacker (CEH)