Equity Bank Limited (The "Bank”) is incorporated, registered under the Kenyan Companies Act Cap 486 and domiciled in Kenya. The address of the Bank’s registered office is 9th Floor, Equity Centre, P.O. Box 75104 - 00200 Nairobi. The Bank is licensed under the Kenya Banking Act (Chapter 488), and continues to offer retail banking, microfinance and relat...
Read more about this company
The IT Policy and Procedure Lead is responsible for overseeing the creation, management, and enforcement of IT policies, standards, and procedures that support the organization’s strategic, regulatory, and operational objectives. This role plays a critical function in ensuring that IT operations are compliant, secure, consistent, and aligned with industry best practices and internal governance frameworks.
Key Responsibilities:
Policy Development & Governance
Develop, document, and maintain IT policies, standards, guidelines, and procedures.
Establish a policy framework that ensures all documents are consistent, easy to understand, and aligned with legal and regulatory requirements.
Collaborate with IT, legal, compliance, audit, and business units to identify policy needs and ensure broad alignment and understanding.
Manage policy lifecycle including creation, review, approval, distribution, training, and periodic audits.
Regulatory & Standards Compliance
Ensure IT policies comply with relevant laws, standards, and regulations (e.g., GDPR, ISO 20001, ITIL, COBIT2019, HIPAA, ISO 27001, NIST, PCI-DSS).
Conduct gap analyses and coordinate updates to policies in response to new or updated regulations.
Support internal and external audits by providing policy documentation and evidence of compliance.
Risk Management & Control Assurance
Collaborate with IT Risk Management teams to integrate risk assessment outcomes into the policy framework.
Help ensure technical and organizational controls are well-documented, implemented, and communicated across teams.
Assist with the development and implementation of control measures to address non-compliance or policy deviations.
Communication, Training & Awareness
Lead communication and education campaigns around IT policies and compliance expectations.
Develop and deliver training sessions, workshops, and awareness materials for technical and non-technical audiences.
Act as the primary point of contact for policy inquiries, exceptions, and clarifications.
Continuous Improvement
Monitor technology trends and regulatory changes to proactively recommend policy updates.
Regularly evaluate the effectiveness of policies and procedures and identify areas for improvement.
Implement metrics and reporting to track policy compliance and awareness across the organization.
Required Qualifications:
Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, Business Administration, or a related field.
Minimum 2-3 years of experience in IT governance, risk, compliance, or policy management.
Demonstrated experience in writing and managing technical documentation and regulatory compliance artifacts.
Gmail
Yahoomail