The role of the Vulnerability Management Specialist, Cybersecurity, involves protecting KCB Group's information assets by designing, implementing, and maintaining a robust vulnerability management framework across various environments (on-premise, cloud, and containerized). This specialist acts as a Subject Matter Expert (SME) for vulnerability assessments and manages the entire vulnerability lifecycle, ensuring timely remediation and adherence to security controls and regulatory standards.
Key Responsibilities
- Design, implement, and maintain a comprehensive vulnerability management framework covering on-prem, cloud, and containerized environments as necessary for the protection of KCB Group information assets.
- Administer and optimize vulnerability management tools, including those for external attack surface monitoring and cloud security posture management.
- Serve as SME for vulnerability assessments across traditional infrastructure, cloud platforms, and container ecosystems.
- Manage vulnerability lifecycle, including prioritization, remediation tracking, and reporting for internal and external assets.
- Integrate vulnerability management processes with SIEM/SOAR and other security platforms for automated alerting and response.
- Conduct research on emerging threats, zero-day vulnerabilities, and security best practices.
- Provide technical guidance to system owners on secure configurations and remediation strategies.
- Ensure compliance with regulatory requirements and industry standards pertaining to Vulnerability Management.
- Develop and maintain vulnerability scoring and risk prioritization models for enterprise-wide reporting.
- Act as Vulnerability Management SME in projects, providing advisory and validation of security controls throughout the lifecycle as needed.
Minimum Position Qualification Requirements
Academic & Professional
- Education: Bachelor’s Degree (B.Sc. Information Technology / Computer Science / Cybersecurity / Engineering (Electrical, Electronic) or related field) (Required).
- Professional Qualifications (Required - At least one or equivalent): One of the following cybersecurity certifications: CISA, CISM, CISSP, Security+, or CEH.
- Advantageous Qualifications (AA): Penetration Testing / Cybersecurity Assurance Certification such as OSCP, CPT, LPT, PenTest+, ECSA, CHFI, or CCNA CyberOps. Any Cloud Security (AWS/Azure/GCP) certificates or Container Security (Kubernetes/Docker) certificates.
- Advanced Degree (Advantageous): Master’s Degree (MBA / MSc).
Experience
- Total Minimum Experience: 5 years.
- Required experience in a Supervisory role.
- Experience in Cybersecurity: Minimum 2 years.
- Experience in Vulnerability Management: Minimum 1 year (Required).
- Experience in Security Testing / Penetration Testing: Minimum 1 year (Advantageous).
- Experience in System / Network / Database or Cloud Platform Administration: Minimum 2 years.