Group Head of IT Governance at Equity Bank Kenya

Job Purpose:

The Group head of IT Governance leads a diverse team of IT professionals and is responsible for providing leadership/direction to establish IT governance principles and frameworks that drives initiatives to increase people and organizational capabilities across the IT function. He/She will ensure the appropriate and robust governance policies, processes and controls are developed implemented, kept up to date and adhered to across all IT functions He/She will be responsible for the identification and adoption of best practise standards frameworks and guidelines for IT Governance in the quest for building robust IT policies processes and controls.

Qualifications

 
Job Responsibilities/ Accountabilities:

• A. Governance Compliance and audit 
  • Responsible for the process for remediation of compliance and audit gaps to ensure certification, re-certification, and compliance to adopted standards and achievement of audit issue closure targets 
  • Ensure Implementation of the Audit Issue Management Framework focused on embedding guidelines for effective exit meetings, root cause analysis for findings, corrective action and remediation planning & timing, accountability and tracking closure of audit issues
  • Responsible for logistic and communications for third parties (consultants, external auditors, and assessors) involved in compliance reviews, audits and assessments of the Bank’s technology platforms and operations
  • Lead in implementing of best practices for effective and timely remediation of audit and compliance gaps in IT and Operations
  • Deep understanding of where technology initiatives overlap and intersect, collaborating to avoid duplication and identifying best practices that can be utilized to support the wider organization.
  • Lead in developing IT governance model and processes to achieve a flexible, efficient approach continuously improving processes and aligning with group governance to maximize effectiveness.
  • Responsible for IT and Operations teams to embed guidelines for effective audit issue management i.e., effective exit meetings, root cause analysis for findings, corrective action and remediation planning & timing, accountability, and tracking closure of audit issues.
  • Responsible for the establishment of a strategic, operational, and technical decision-making process required to ensure that IT services are aligned to the organization’s priorities and risk appetite
  • Lead the execution of IT procurement, disaster recovery drills and IT SLAs and services continuity, and frameworks implementation and certification processes, such as ITSM, Uptime, and ISO.
  • Ensure visibility, escalation, and management of IT risks inherent in the delivery of technology services
  • Work collaboratively with other corporate oversight functions to identify and implement consistent and effective approaches to risk governance and control-based activities.
• Digital Change management
  • Ensuring that change management activities and meet the different needs and values of the individual teams across the IT function maximizing impact and minimizing employee resistance.
  • Custodian and owner of the change management policy, as well as supporting processes and SOPs, responsible for implementation and enforcement and coordinating and conducting the Change advisory board (CAB) engagement sessions to deliberate on changes in progress
  • Leading, influencing, diagnosing, and developing recommendations to solve complex, organization, and process-specific change.
  • Ensuring specific metrics and measures are incorporated into solutions enabling continuous improvement.
  • Ensure Maintenance and monitoring key performance and key risk indicators and escalate breaches in triggers or limits.
  • Lead in reporting on risks and apply recommendations for corrective and preventative action, whilst identifying opportunities to reduce risks.
  • Governance of the operational estate, ensuring appropriate change controls, IT Service Management processes and security controls are followed
  • Responsible for Documentation and maintaining of Change Management policy, processes, and standards.
  • Lead in research on latest technologies and best practice to support continuous improvements in systems and applications’ quality and efficiency and ensure seamless change management.
  • Ensure review and enhancement of the current process designs and discuss recommendations with teams
• Digital Standards and Policies
  • Ensure the development of the standards, policies, and guidelines to meet regulatory requirements. • Responsible for the implementation process for adopted technology, security and operational standards and frameworks e.g., ISO 20000, 27001, 22301, PCI DSS, SWIFT Customer Security Controls (CSCF) among others
  • Responsible for maintenance of the Bank’s adopted standards by ensuring successful surveillance reviews, attestations, and recertification audits
  • Ensuring day to day implementation of adopted standards requirements, processes, and controls
  • Lead the Bank’s implementation teams for adopted standards and frameworks; interface with third parties and handle the logistical planning for assessment procedures
  • Responsible for translating adopted technology, security and operational and standards into Bank policies, processes, and procedures (technology and operations)
  • Ensure compliance and conformance to technology and operational policies, processes and SOPs, measure and report on compliance and conformance to the policies, processes, and SOPs
  • Lead IT and operations units to develop new and improve on existing processes and SOPs in line with technology policies and adopted standards
  • Responsible for developing and maintain the annual schedule for compliance reviews and assessment for adopted standards and perform the logistical planning
  • Recommend and prescribe applicable technology and operations standards or frameworks that can be adopted by the Bank to improve IT service delivery, security, and efficiency
  • Advise on performance against established risk tolerance and performance objective
  • Perform any other duty as assigned by the supervisor Core skills required
  • A deep understanding Knowledge of IT Governance frameworks and the applicability in different industries 
  • Robust Knowledge of IT risk management and IT controls assurance Frameworks like COSO etc. 
  • Strong problem-solving skills; comfortable tackling complex problems and breaking these down into manageable pieces. 
  • Strong power point presentation creation and design.
  • Conceptual and practical thinking and implementation skills. 
  • Excellent communication skills to be able to have detailed and complex conversations/ negotiations with senior management, internal and external stakeholders 
  • Demonstrated ability to lead others in understanding, accepting, and demonstrating safety standards and procedures
  • Negotiation Skills and Strategic Thinking
  • Understand the IT governance within a corporate environment (Advanced)
  • Practical experience in the implementation of IT policies and procedures.
  • Experience in the monitoring of IT risk and security controls to ensure compliance
• Perform any other duty as assigned by the supervisor.

Key Qualifications:

• Bachelor’s degree in Computer Science, Management Information Systems, Information Technology, Electrical / Electronic Engineering, Telecommunications, or any other IT related field
• Post Graduate qualifications in Computer Science, Business Administration, Information Systems, or related Postgraduate degree will be an added advantage
• Professional certification on IT governance and assurance e.g. CISM, CGEIT, COBIT
• Certified and working understanding of COBIT, ITIL, TOGAF.
• Minimum 5 years’ experience in IT exposure
• Minimum of 3 years’ experience in a Leadership role in a large organization