Specialist Vulnerability Assessment & Remediation at CRDB Bank Tanzania

Job Role Insights

  • Date posted: 2025-08-07
  • Closing date: 2025-08-13
  • Hiring location: Dar es Salaam
  • Career level: Middle
  • Qualification: Bachelor Degree
  • Experience: 3 Years
  • Quantity: 1 person
  • Gender: both
  • Job ID: 121328

Job Description

To proactively assess and remediate security vulnerabilities across the organization’s IT infrastructure, ensuring systems remain secure, resilient, and compliant with internal policies and external regulations. This role involves conducting regular vulnerability scans, analyzing results, prioritizing risks based on severity and business impact, and applying remediation actions with cross-functional teams. The specialist also contributes to the development of security standards, maintains accurate documentation, and supports audit and compliance initiatives by providing evidence of remediation activities.

Principal Responsibilities

  • Conduct Regular Scans: Perform vulnerability scans across Bank systems and networks using tools such as Nessus, Tenable, OWASP ZAP, and Checkmarx to identify security weaknesses.
  • Vulnerability Assessment: Evaluate vulnerabilities based on CVSS scores, exploitability, and business impact to support effective remediation prioritization.
  • Remediation Coordination: Collaborate with system owners and IT teams to ensure vulnerabilities are addressed in a timely, efficient, and effective manner.
  • Workflow Establishment: Develop and maintain workflows for scanning, reporting, and remediation, aligned with the Bank’s security policies and standards.
  • Monitoring & Reporting: Track remediation progress and prepare dashboards/reports for various management forums to monitor closure rates and compliance.
  • Incident Response Support: Provide vulnerability data during security incidents and assist in containment and recovery efforts.
  • Root Cause Analysis: Investigate recurring vulnerabilities and provide recommendations for both short- and long-term remediation solutions.
  • Documentation: Maintain comprehensive records of vulnerabilities, remediation efforts, and approved exceptions for audit and reference purposes.
  • Threat Intelligence Integration: Align vulnerability data with threat intelligence feeds to prioritize critical exposures.
  • Compliance Assurance: Ensure alignment with security standards and frameworks such as ISO 27001, NIST, and PCI-DSS; support internal and external audits.
  • Patch Management Collaboration: Work closely with patch management teams to ensure identified vulnerabilities are addressed through appropriate updates or configuration changes.
  • Actionable Remediation Plans: Develop and manage remediation plans based on vulnerability severity, with clear timelines and accountability.
  • Security Configuration Assessment: Evaluate systems for security misconfigurations and apply approved hardening standards upon authorization.
  • Training & Awareness: Deliver training and awareness sessions on vulnerability risks and best remediation practices to technical and non-technical stakeholders.
  • Continuous Improvement: Regularly review and enhance vulnerability management practices to ensure continuous improvement and effectiveness.

Qualifications Required

  • The candidate must have a bachelor’s degree in computer science, information security, or a related field.
  • A minimum of 3 years of experience in vulnerability management or IT systems security operations is required.
  • Deep understanding of scanning tools like Qualys, Nessus, Rapid7, Tenable, and the like is necessary.
  • The ability to interpret CVSS scores and prioritize based on risk is essential. Knowledge of Windows, Linux, macOS, and cloud platforms (AWS, Azure, GCP) is required. Familiarity with ISO 27001, NIST CSF, CIS Controls, PCI-DSS is expected.
  • Knowledge of patching processes and secure configuration standards is important.
  • Understanding of network protocols, firewalls, and secure coding practices is necessary.
  • Experience with tools like Sentinel, Splunk, or QRadar for correlating vulnerability data is required.
  • Knowledge of ITIL processes and how vulnerabilities relate to incidents and changes is important.
  • Awareness of cloud-specific vulnerabilities and remediation strategies is expected.
  • Strong troubleshooting skills for resolving vulnerability-related issues in multi-environment setups are necessary.
  • Vulnerability analysis and risk assessment skills are required. Remediation planning and execution experience is essential.
  • Scripting skills in PowerShell, Python, or Bash are necessary. Report writing and dashboard creation abilities are expected.
  • Strong communication and stakeholder engagement skills are required. Problem-solving and critical thinking abilities are essential. Project and time management skills are necessary.
  • Certifications such as CompTIA Security+, Microsoft Certified, Linux Certifications, CEH, OSCP, or CISSP are desirable.
  • Experience in system administration of Oracle, SQL Server, PostgreSQL, and MariaDB databases and of Linux and Windows operating systems is required.
  • Experience in resolving vulnerabilities across cross-operational systems like Linux, Unix (AIX), Windows, Oracle, SQL Server, PostgreSQL, MariaDB databases, middleware like WebLogic, JBoss, WebSphere, IBM MQ, different OS, network devices, VMware, and ESXi is essential.

CRDB Commitment

CRDB Bank is dedicated to upholding Sustainability and ESG practices and encourages applicants who share this commitment. The Bank also promotes an inclusive workplace; hence, applications from women and individuals with disabilities are encouraged.

It is important to note that CRDB Bank does not charge any fees for the application or recruitment process, and any requests for payment should be disregarded as they do not represent the bank’s practices.

Only Shortlisted Candidates will be Contacted.

Deadline

2025-08-13

Employment Terms

PERMANENT
