Equity Bank Limited

Lead, Security Technology Roadmap & COE at Equity Bank Kenya

00100, Nairobi Kenya
May 11, 2024
Application deadline closed.
Deadline date:
Application deadline closed.

Job Description

Job Purpose: 

The Lead, Security technology specialist provides a demonstrated holistic mastery and in-depth understanding of existing and emerging system, infrastructure and network security technologies in a complex environment and provides guidance on information security processes, controls, and compliance, and information security risk management.

Job Responsibilities/ Accountabilities: 

  • Measure the effectiveness of the Advanced Cyber Security & Emerging technologies / controls capabilities to ensure appropriate plans are in place to address lower performance and ineffective practices 
  • Evaluates, defines and provides recommendations addressing computer security architecture and infrastructure to address new requirements, emerging advanced network technologies, and changes to communications and IT operations and business processes 
  • Manages all aspects of communications security and the development, implementation, interpretation, accreditation, risk management and maintenance of detailed communications security policies, plans, programs, standards and criteria ensuring a successful communications security program 
  • Analyse business requirements and security solutions to deliver business appropriate levels of protection 
  • Responsible for application security but with a good working knowledge of other security domains (Cryptography, Identity and Access Management, Threat and Vulnerability Management, Infrastructure and Networks and Auditing, Logging and Compliance) 
  • Provide reporting on control status to management 
  • Update product standards as needed 
  • Proven ability to follow global established standards in digital evidence acquisition and handling, experience with conducting digital investigations and incident responses and experience in managing insider threats and cyber and data exfiltration incidences 
  • Support the delivery of the 3 year Cyber security roadmap to maintain and optimize the Advanced Cyber Security & Emerging technologies / controls capability 
  • Lead the enhancement and optimization of implemented reporting mechanisms to demonstrate the value of the Advanced Cyber Security & Emerging technologies / controls function with tangible benefits 
  • Identifies technical and business opportunities to take advantage of cross project knowledge, best practices and reusability to expedite projects 
  • Manage the security posture of IT infrastructure for overseas locations 
  • Provide deployment services on enabling new infrastructure capability 
  • Follow information security policies, methods, standards, National Institutes of Standard and Technology (NIST) standards and practices to organizational information systems, IT reference materials and interpret regulations 
  • Implement security controls, perform ongoing maintenance and prevent, detect, analyze and respond to security incidents 
  • Communicate with Information Security Officer, and other IT personnel within the organization and organizational staff 
  • Help coordinate the implementation of security programs across all agency platforms 
  • Assist with Active Directory access and Group Policies, Internet intrusion detection, Internet filtering, and monitoring of employee access, virtual private networking (LAN/WAN) security 
  • Assist and participate with the Senior IT Specialist as an advisor in projects to enhance or develop new IT systems, or to study the feasibility of acquiring new technology 

Strategy: 

  • Understand information security trends 
  • Document and communicate security solution roadmap to the GM, Enterprise Security Architecture team

Qualifications

Knowledge and Experience:

  • A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study 
  • Relevant industry certifications in information security program and governance as well as PMP will be an added advantage 
  • Minimum of Eight (3) years of computer information technology experience. 
  • Minimum of Four (7) years of experience engineering and designing IT security solutions 
  • Good understanding all the information security domains 
  • Experience of identifying and managing technology security risk 
  • Certification like CISSP, CCSP, CISA, CCISO, SABSA, ISO27001, ISO27301 will be of advantage 

Key Critical Competencies:

  • Ability to know when to implement solutions with consideration to the wider impacts i.e. risk, cost, customer impact, timescales, etc. 
  • Excellent negotiation, and written and verbal presentation skills 
  • Ability to handle high pressure situations with key stakeholders 
  • Good Analytical skills, Problem solving and Interpersonal skills 
  • Deep knowledge of enterprise application development security controls  
  • Good knowledge of Telco convergence business, FinTech network traffic consumption and OpenAPI