Posted:Oct 3
By:Hiring Kenya
Company Details
Industry:
Banking
Description:
Equity Bank Limited (The "Bank”) is incorporated, registered under the Kenyan Companies Act Cap 486 and domiciled in Kenya. The address of the Bank’s registered office is 9th Floor, Equity Centre, P.O. Box 75104 - 00200 Nairobi. The Bank is licensed under the Kenya Banking Act (Chapter 488), and continues to offer retail banking, microfinance and related services. The Bank has subsidiaries in Kenya, Uganda, South Sudan, Rwanda and Tanzania. Its shares are listed on the Nairobi Securities Exchange and Uganda Securities Exchange. Equity Bank was founded as Equity Building Society (EBS) in October 1984 and was originally a provider of mortgage financing for the majority of customers who fell into the low income population. The society’s logo, a modest house with a brown roof, resonates with its target market and their determination to make small but steady gains toward a better life, seeking security and advancement of their dreams. The vast majority of Africans have historically been excluded from access to fin
Job Description
The role holder will be responsible for defining and running the service management framework of the Group Information Security organization in order to ensure optimal performance of the Information Security function. The role holder will establish the measuring, monitoring and reporting standards for Information Security services and establish robust internal & external stakeholder engagement.
Job Responsibilities/ Accountabilities:
- Define a security service assurance model for Group Information Security services.
- Develop and establish service standards for services offered by Group Information Security to technical and business stakeholders.
- Develop metrics and monitoring thresholds and reporting for the Group Information Security function. This includes people functions, projects, internal services, vendors, operations etc.
- Define a GIS reporting framework for Group and Subsidiaries, relevant to various stakeholders and governance committees, including but not limited to Board, Exco, MDs of Subsidiaries, CIOs and Business Unit Heads, business and operational teams.
- Measure, track and report on performance of programme delivery, projects and roadmap activities delivered by Group Information Security teams (Cyber Defence Operations, Enterprise Security Architecture)
- Define SLAs (Service Level Agreements) for services offered by Group Information Security and by outsourced suppliers and manage and report on SLA achievement.
- Work with the Group Information Security teams to define and measure their process outputs and establish regular reporting of the same.
- Develop and provide regular reports on the effectiveness of Group Information Security management to Senior Management and manage and track the outcomes related to security.
- Setup and manage internal and external stakeholder forums & meetings for deliberation on service outcomes and track the outcomes.
- Track and monitor vendor and partner service deliverables and SLAs, and report on deviations to agreed service levels.
- Conduct regular benchmarking with industry peers on service standards, for improvements and adoption within the Bank
Qualification
Knowledge and Experience
- Bachelor’s degree in information technology, Information Security, Engineering or similar area of study
- Hold relevant industry certifications (ISO 27001, ITIL etc.)
- Minimum 6 years of experience in Information Technology.
- Knowledge of information security operations and concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Experience with industry standard frameworks (ISO 27000, ITIL, NIST, PCI DSS).
- Experience in project & vendor management
- Ability to effectively provide briefings to business and technical stakeholders on Information Security performance.
Education: Degree, Diploma
Employment Type: Full Time
