ICT Risk Officer Job at Equity Bank
ICT Risk Officer
Equity Bank is the region’s leading Bank whose purpose is to transform the lives and livelihoods of the people of Africa socially and economically by availing them modern and inclusive financial services that maximize their opportunities. With a strong footprint in Kenya, Uganda, Tanzania, Rwanda, South Sudan and DRC, Equity Bank is now home to more than 14 million customers – the largest customer base in Africa.
The Bank seeks to recruit passionate and self-driven individual to fill the position below.
Job Title: ICT Risk Officer
Reports to: Head of Risk and Compliance
Responsible for supporting and executing risk identification and management across all aspects of ICT within the Bank including Cyber Security and Information Risk. The role will provide continuous independent assurance on the Banks Information System security by ensuring appropriate security controls are in place to safeguard Bank assets from ICT risks while also ensuring compliance with ICT and Information Security Policies, regulatory guidelines and applicable best practice standards.
Work closely with Group Risk, In-country ICT teams and the wider business stakeholders where required.
Main Duties and Responsibilities:
- Participate in development of ICT Risk Management Framework and annual ICT Risk Assessment exercise
- Identify and assess risks, design mitigation controls and track/monitor risks to closure including escalation of long outstanding risk exposures to management.
- Review Banks critical systems, risk assessment and recommendation of appropriate and adequate IT security controls to mitigate and minimize information security risks.
- Evaluation of ICT controls for all operating systems, applications, database management system interfaces and networks across the Bank to ensure consistency in achieving compliance requirements (regulatory, standards and internal policies).
- Proactively anticipate potential threats and vulnerabilities and provide guidance in coordination with IT department on effective responses or control measures and improvement of ICT program development, management and evaluation processes.
- Work closely with business to identify risks in products dependent on the technology landscape.
- Continuously evaluate ICT policy compliance, Data & Information Risk, Business Continuity Risks and report on employee compliance with security controls and deficiencies.
- Promote ICT/Information Security awareness within the Bank by providing guidance, consulting and coordinating relevant programs to ensure a strong security culture.
KNOWLEDGE SKILLS AND EXPERIENCE:
- Must possess an IT or Computer Science bachelor’s degree.
- Relevant certifications in Risk, Audit, or Information Security knowledge areas, such as Information Systems
- Audit, Information Security Management, Risk Management and Ethical Hacking.
Critical Skills & Competencies
- Understanding of concepts related to ICT & Cyber Security including digital & cloud security, logical and physical access security, change management, Information & Cyber security, Business Resilience practices and network technology.
- Team player with good communication and interpersonal skills.
- Ability to work independently with minimal supervision.
- Demonstrate strong problem solving skills.
- Good report writing & presentation skills.
A minimum of 2 years of ICT Risk experience preferably in a Banking or Financial Institution that provides exposure to sophisticated ICT systems, network security, technology infrastructure, software development and project management.
If you believe you can clearly demonstrate your abilities to meet the criteria given above, please submit your application quoting the Job reference and title in the subject field to [email protected]
To be considered your application must be received not later than June 18, 2022.
Equity Bank (T) Ltd is committed to creating a diverse environment and is proud to be an equal opportunity employer.
“Equity Bank (T) Ltd does not charge any fee in connection with the application or recruitment process. Should you receive a solicitation for the payment of a fee, please disregard it”.
Only short-listed candidates will be contacted.