Cyber Security Specialist – Incident Response

KCB Bank

KCB Group is banking on you to be here for life

The Position: 

As part of the Bank’s Cyber Security Incident Response Team (CSIRT), the Cybersecurity Specialist, Incident Response is responsible for investigating security incidents that may negatively impact the Bank, its customers, or partners (including hacking attempts, intrusions, malware infestations, mishandling of data/information, and other security threats). The Cybersecurity Specialist, Incident Response will further provide support during cyber incidents and investigations, and actively participate in threat-hunting activities. The objective of this position is to ensure that the Bank can rapidly identify and effectively respond to cyber occurrences with minimal to no adverse impact on its data, information systems, technological infrastructure, reputation, customer confidence, or other tangible or intangible assets.

Key Responsibilities:

  • Appropriately and practically defend the information enterprise in accordance with established policies, procedures, guidelines, and practices.
  • Analyse security alerts and potential cybersecurity incidents to identify true security breaches.
  • Create procedures, runbooks, processes, and high- and low-level documentation, and develop staff to respond to cybersecurity incidents more effectively.
  • Investigate security breaches, make informed containment decisions, and recommend corrective action.
  • Apply expertise in both endpoint and network analysis to ascertain the impact of an attack and develop threat trends and mitigation techniques and countermeasures that can prevent future attacks.
  • Coordinate the analytic and investigative efforts of the Cyber Security Incident Response and Recovery Team (CSIRRT) along with any Technology incident response team as required during a critical cyber occurrence.
  • Track emerging and realised threats including, but not limited to, mapping command-and-control infrastructure, investigating phishing campaigns, unearthing weaponised file/document techniques and patterns, as well as passing detection opportunities to the Cybersecurity Intelligence and Security Operations Centre (CISOC) and incident management teams.
  • Research and provide technical security expertise on advanced persistent threats (APTs) affecting the financial services industry to senior management.
  • Implement security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
  • Employ leading cybersecurity frameworks (such as MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge), the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and ISO 27001) to identify, counter and mitigate threats through the process of threat modelling.

The Person:

For the Cyber Security Specialist – Incident Response position, the successful applicant should meet the following criteria:

  • Information Technology / Computer Science / Telecommunications / Engineering (Electrical, Electronic) or related field.
  • Security certifications such as Certified SOC Analyst (CSA), Certified Incident Handler (E|CIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA), Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Security+.
  • Have a minimum of 5 years' experience in Technology, with at least 2 years' experience in Cybersecurity and 1 year's experience in Security Operations Centre / Security Monitoring.

To apply for this job please visit
