Digital Governance and Compliance Lead - Subsidiaries at Equity Bank Kenya

Job Purpose

The subsidiaries’ Digital Governance & Compliance officer plays a key role in implementing the IT and operational governance requirements for Equity Groups Banking subsidiaries in Uganda, Rwanda, Tanzania, DRC, and South Sudan. They will work alongside the subsidiaries’ IT Heads and Group Digital Governance team to ensure effective audit issue management, implementation, and compliance to applicable standards and conformance to policies and SOPs. They should be versatile and well versed in leading technology standards, policies, internal controls assurance, compliance, audit, and risk management.

Job Responsibilities/ Accountabilities:

• Work with stakeholders, at the Subsidiaries and Group, in the remediation of compliance and audit gaps in order to ensure achievement of audit issue closure targets and certification compliance for adopted standards
• Support IT and Operations teams to embed guidelines for effective audit issue management i.e. effective exit meetings, root cause analysis for findings, corrective action and remediation planning & timing, accountability, and tracking closure of audit issues
• Work with the other assurance functions (Internal Audit, Risk Management, Compliance, and Fraud) in tracking risk factors that can result in non-compliance and audit gaps across IT and operations
• Support in the identification of pervasive root causes driving non-compliance and audit gaps and advice on the changes required to policies, processes, and SOPs
• Support subsidiaries in implementing adopted technology, security, and operational standards and frameworks e.g. ISO 20000, 27001, 22301, PCI DSS, SWIFT Customer Security Controls (CSCF) among others
• Customize adopted technology, security, and operational and standards into subsidiaries policies, processes, and procedures (technology and operations)
• Support the IT and operations units to develop new and improve on existing processes and SOPs in line with technology policies, adopted standards, and in-country regulations
• Support third parties (consultants, external auditors, and assessors) involved in compliance reviews, audits, and assessments of the subsidiary Bank’s technology platforms and operations
• Update progress on the annual schedule for compliance reviews, audits, and assessment and support the logistical planning as required  
• Provide timely progress reports for assigned tasks/projects and also support the monthly, quarterly and annual management and Board level reporting.

Qualifications

Key Critical Competencies:

• A high degree of professionalism and personal integrity
• Excellent time management skills
• Good analytical and reporting skills
• Demonstrated ability to work in an agile workplace and effectively balance multiple responsibilities
• Ability to work with a high degree of independence while being a good team player
• Strong knowledge and understanding of internal controls and risk management frameworks like IIA IPPF, COSO
• Understanding of IT governance frameworks like COBIT and ITIL
• Good knowledge of PCI DSS, SWIFT CSCF requirements, and ISO standards (20000, 27001 & 22301)

Academic Qualifications and Competencies:

• At least 2 years of experience in Information Technology in the field of IT Governance, IT Risk Management, Information Security and/or IT Service Management
• A university degree in Computer Science, Information Technology, and/or related field
• Recognized certification in information systems management and/or security e.g. CISA, CISM, CGEIT, CRISC, ITIL etc.
• Preferred – Experience in working in banking environment will be an added advantage
• Preferred – COBIT 5 or COBIT 2019 certified (Foundation, Implementation or Assessor levels)
• Preferred - Certified as ISO Lead Implementer or Lead Auditor for ISO 20000, ISO 27001 and/or ISO 22301