Equity Bank Limited (The “Bank”) is incorporated, registered under the Kenyan Companies Act Cap 486 and domiciled in Kenya. The address of the Bank’s registered office is 9th Floor, Equity Centre, P.O. Box 75104 – 00200 Nairobi. The Bank is licensed under the Kenya Banking Act (Chapter 488), and continues to offer retail banking, microfinance and related services. The Bank has subsidiaries in Kenya, Uganda, South Sudan, Rwanda and Tanzania. Its shares are listed on the Nairobi Securities Exchange and Uganda Securities Exchange. Equity Bank was founded as Equity Building Society (EBS) in October 1984 and was originally a provider of mortgage financing for the majority of customers who fell into the low income population. The society’s logo, a modest house with a brown roof, resonates with its target market and their determination to make small but steady gains toward a better life, seeking security and advancement of their dreams
As a Governance Risk and Compliance (GRC) Specialist, you’ll be responsible for strengthening our governance and compliance program to ensure adherence with information security regulatory requirements and industry best practices. You will partner across the organization, operations, and technology teams to implement tools and practices to enhance our processes related to third-party risk management, business continuity planning, controls assurance, and external auditor engagement.
- Establish standard repeatable practices to maintain a balanced security and compliance control framework that meets necessary regulatory and contractual requirements
- Ensure that necessary security due diligence of our vendor portfolio is maintained
- Act as the focal point for external auditor activity/assessments; driving accountability and efficiency across teams
- Influence and contribute to the policies, standards, and controls to drive efficient compliance controls
- Facilitates the processes necessary to ensure that we have effective business continuity to overcome physical, operational, or technology disruptions
- Work with internal stakeholders in the remediation of audit findings
- Partner with Human Resources, Legal, Finance teams, and other departments to ensure appropriate operational, technical, data privacy, and SOD controls are implemented and enforced
- Ensure compliance with society, regulatory, and industry standards for security and compliance
- Evaluate and develop Information Security Policies, Standards, Procedures, and Guidelines,
- Information Security Management Programs Development Execution & Compliance Monitoring,
- Perform Gap and/or Compliance Assessments against ISO/IEC 27001, GDPR, PCI-DSS, and other security standards,
- Implement Governance, Risk and Compliance Solutions,
- Deliver Security Awareness Trainings,
- Participate in customer meetings respond to RFI/RFP/RFQs and present solutions to prestigious multinational customers and partners.
Knowledge and Experience
- Bachelor’s Degree in Information Technology, Information Security/Assurance, Engineering, or similar area of study
- Certifications such as Cloud Security, CISSP, or CISA as well as technical certifications in Microsoft and Linux platforms are a plus.
- Minimum 3 years of experience in access management and 3rd Party reviews
- Familiarity working with and/or managing Governance, Risk, and Compliance (GRC) tools
- Experience in Big 4 is preferred with familiarity in the security audit process.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Expertise with industry standard frameworks (ISO, NIST, PCI).
- Excellent communication and presentation skills, both verbal and in writing and an ability to build a network and to collaborate with various teams.
Key Critical Competencies
- Proficient in preparation of reports, dashboards, and documentation
- Excellent communication and leadership skills
- Understanding of regulations, standards and operating procedures
- Ability to handle high pressure situations with key stakeholders
- Good Analytical skills, Problem solving and Interpersonal skills
- Deep knowledge of Bank’s infrastructure, networks, and systems
- Budgets/ Financial Input
- Contribute to ensuring the budgets are adhered to and cost savings on various initiatives.
Method of Application
Closing Date : 7 July. 2022