Cyber Security Incidence Response Manager Job at Equity Bank Kenya… See details on how to apply for the opportunities available at Equity Bank Kenya.
Equity Bank Limited (The “Bank”) is incorporated, registered under the Kenyan Companies Act Cap 486 and domiciled in Kenya. The address of the Bank’s registered office is 9th Floor, Equity Centre, P.O. Box 75104 – 00200 Nairobi. The Bank is licensed under the Kenya Banking Act (Chapter 488), and continues to offer retail banking, microfinance and related services.
- Cyber Incident Response Planning and Preparation: The candidate will be required to be incharge of the process of maintaining and improving incident response capabilities and preventing incidents by ensuring that systems, networks, applications, and data handling processes are sufficiently secure, and employee awareness training is in place. The CSIRM will ensure practice exercises (Table-top Exercises) for the CIRT (Cyber Incident Response Team) are conducted periodically, where various incident scenarios are presented to the Team in a practice session.
- Cyber Incident Identification: The CSIRM will facilitate the process of confirming, characterizing, classifying, categorizing, scoping, and prioritizing suspected incidents as per the Group Incident Response Policies and Procedures.
- Cyber Incident Notification: The CSIRM will ensure alerting of CIRT members to the occurrence of an incident and communicating throughout the incident to the relevant stakeholders.
- Cyber Incident Containment: The CSIRM will proactively play a critical role in containment of cyber incidents to ensue minimization of financial and/or reputational loss, theft of information, or service disruption. The CSIRM ensure prompt communication briefs to the Group CISO on any Cyber Incident occurrence. The CSIRM will also coordinate communication with relevant stakeholder(external and Internal) as par the Bank’s Communication policies if and when required.
- Cyber Breach Eradication and threat Elimination: The CSIRM will coordinate all aspects of threat eradication through thorough identification of all affected assets, elimination of artifacts of the incident (e.g., removal of malicious code, re-image infected systems) and mitigating the vulnerabilities or other conditions that were exploited. This will also ensure that Forensics artifacts are well maintained and preserved asp er the Bank’s Digital Forensics Policies and Procedures.
- Recovery: The CSIRM will coordinate and ensure restoration of services to a normal state of operation and the resumption of business activities quickly and securely as per the SLAs.
- Post-incident Activities: The CSIRM will be tasked to assess the overall response effectiveness and identify opportunities for improvement through, ‘lessons learned’ or mitigation of exploited weaknesses. This will also include continuous incorporation of incident’s learnings into the cyber fortification efforts and the response plan, as appropriate.
- Other Duties may include assisting the Bank’s Communication team with relevant information that will assist in reputational repair measures, if needed.
Required Skill and Certifications:
- Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering or similar area of study;
- Hold at least one relevant industry certifications (GCIH, GCED, CISSP, CISA, CISM, etc.)
- Minimum 5 years Security leadership, with experience running and managing incident playbooks.
- Minimum 3 years of experience working in a SOC environment and working knowledge of all managed controls and services. (added advantage)
- Relevant industry certifications or relevant technology vendor certifications
- Personnel and resource management experience
- Strong knowledge of Cyber Security forensics, project management, change management, technology implementation and risk analysis strategy
- Proficient at professional communication and documentation of processes and procedures.
METHOD OF APPLICATION
Application Deadline: 30th September 2022.