Manager Technology Risk job at Equity Bank

Job Purpose:

The Manager, Technology Risk is responsible for overseeing the bank’s technology risk management framework, ensuring that risks related to IT infrastructure, cybersecurity, data protection, and digital transformation initiatives are effectively managed. This role works closely with IT, cybersecurity, and risk management teams to identify, assess, monitor, and mitigate technology-related risks while ensuring compliance with regulatory requirements and best practices. 

Key Responsibilities

Technology Risk Framework Implementation 

  • Develop, implement, and maintain the bank’s Technology Risk Management Framework in alignment with regulatory requirements and industry standards (e.g., NIST, ISO 27001, COBIT, Basel). 
  • Ensure technology risk policies, procedures, and controls are effectively embedded across all business units. 

Risk Identification, Assessment & Mitigation 

  • Conduct technology risk assessments, including IT control testing, risk control self-assessments (RCSA), and scenario analysis. 
  • Identify emerging risks related to cybersecurity threats, third-party IT risks, cloud computing, AI, and digital banking platforms. 
  • Implement risk mitigation measures to strengthen IT security and resilience. 

Cybersecurity & Data Protection Oversight 

  • Work closely with the Information Security and IT teams to assess cyber threats, vulnerabilities, and incident response strategies. 
  • Ensure compliance with data protection laws (e.g., GDPR, Kenya Data Protection Act) and regulatory requirements. 
  • Monitor cybersecurity incidents and oversee remediation efforts. 

Third-Party & Vendor Risk Management 

  • Assess technology risks associated with third-party vendors, cloud service providers, and IT outsourcing arrangements.
  • Conduct due diligence and continuous monitoring of critical IT service providers.

Regulatory Compliance & Audit Coordination 

  • Ensure adherence to local and international regulatory requirements, including CBK ICT Risk Guidelines, Basel III, and ISO standards.
  • Act as the liaison between IT, internal audit, and external regulatory bodies during technology risk audits.
  • Address and close audit findings related to IT risk.

Business Continuity & Incident Management 

  • Support IT Disaster Recovery (DR) and Business Continuity Planning (BCP) initiatives. 
  • Coordinate technology risk incident response efforts and ensure timely reporting of critical IT disruptions. 

Technology Risk Reporting & Governance 

  • Develop and present technology risk reports, dashboards, and key risk indicators (KRIs) to senior management, the Risk Committee, and Board-level governance forums. 
  • Track and monitor IT risk remediation plans, ensuring timely resolution of identified risks. 

Training & Awareness 

  • Conduct technology risk awareness training for business units to promote a risk-aware culture. 
  • Support risk management capacity-building initiatives for IT and business teams. 

Qualifications & Experience

  • Education: Bachelor’s degree in Computer Science, Information Technology, Risk Management, Cybersecurity, or a related field. A master’s degree is an added advantage.
  • Certifications: Professional certifications such as CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), CISSP (Certified Information Systems Security Professional), or ITIL (Information Technology Infrastructure Library) are highly preferred. 
  • Experience: Minimum of 5-7 years of experience in technology risk management, IT security, cybersecurity, or audit in the banking or financial services industry.
  • Regulatory Knowledge: Strong understanding of CBK ICT Risk Guidelines, Basel Accords, NIST Cybersecurity Framework, GDPR, Kenya Data Protection Act, and ISO 27001. 

Key Competencies & Skills

  • Technology Risk Management – Expertise in IT risk identification, mitigation, and monitoring. 
  • Cybersecurity & Information Security – Strong understanding of cyber threats, vulnerability management, and data protection regulations. 
  • IT Governance & Compliance – Knowledge of COBIT, ITIL, and regulatory requirements for technology risk management. 
  • Incident & Crisis Management – Ability to handle IT incidents, cyber breaches, and business continuity disruptions. 
  • Audit & Assurance – Experience in conducting IT risk assessments, internal audits, and regulatory compliance reviews.

Vacancy title:
Manager Technology Risk

[Type: FULL_TIME, Industry: Banking, Category: Management]

Jobs at:
Equity Bank

Deadline of this Job:
Monday, August 25 2025

Duty Station:
Kenya | Nairobi | Kenya

Summary
Date Posted: Monday, August 18 2025, Base Salary: Not Disclosed



 

Work Hours: 8

Experience in Months: 60

Level of Education: bachelor degree

Job application procedure

Interested and qualified? Go to Equity Bank Kenya on equitybank.taleo.net to apply.

 


Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: Saturday, August 30 2025
Duty Station: Kenya | Thika | Kenya
Posted: 18-08-2025
No of Jobs: 1

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.