Senior Manager, Cyber Defence at Equity Bank Kenya

• The Bank is seeking a Senior Candidate in Information Security Management to bring proven experience from related businesses or organizations. This position will involve Enterprise Security Risk/Vulnerability Assessment and remediation efforts, while providing industry with the best practices direction/oversight and ensuring policy fulfillment.  The selected resource must have strong leadership skills and strong functional experience in Security, along with a strong technical understanding of IT Security.

Job Responsibilities/ Accountabilities: 

• Individual will be engaging and interfacing with multiple project teams, participating in project reviews from an IT Security and Cyber perspective, and MUST to offer solution that aligns to the Bank’s overall strategy.
• Perform expert security analysis the Bank’s systems, data, network and come up with corrective measures.
• Participates as the IT Security Subject Matter Expert throughout the Project Management and System Development Lifecycle (SDLC) to ensure the development of secure network and systems architectures by the strategic and operational projects in the Bank.
• Applicant should have an advance understanding of Internet Protocol networking, Application security and Systems Administration skills in order to Understand and apply the necessary security requirements and controls across the enterprise Bank environment. 
• Knowledge and experience deploying and applying appropriate security control configurations/mitigations, and administering various Operating Systems to include Linux, Windows, MacOSX in standalone, client/server, and cloud-based environments (private, hybrid and commercial).
• The successful candidate will have strong understanding of applying security measures for an enterprise environment with a multitude of information security technologies and be able to provide, from a security perspective, necessary technical oversight & leadership, security design and engineering, and expert advice from initial phases of projects and continue throughout the project lifecycle.
• Must be well versed with International Information Security and Cybersecurity standards and frameworks including but not limited to NIST, ISO27001, COBIT and CIS controls.
• Must be able to identify and apply security policies, mitigation and remediation strategies, and engineered security solutions beginning in the design and development phases through post implementation and assessment phases of project(s).
• Provide Cybersecurity expertise and identify where internal and external controls are necessary and exercising and implementing those controls. Key is the ability to address and apply security controls in real world scenarios and offer mitigating solutions to found weaknesses in related control areas.

Knowledge and Experience 

• BSc and MSc degrees or equivalent experience in IT, computer science and other cyber security related fields.
• Security-related certifications such as CISSO, CISSP, CEH, CISA, CCSP, CISM.
• Minimum of 10 years of experience in IT Security and ISMS.
• Applicant MUST have ability to apply Security during Software implementation and designing.
• Applicant MUST demonstrate knowledge in administration of various Network and Infrastructure technologies.
• The candidate must be prior knowledge and experience in configuration and administration of various security technologies including FIM, DAM, EDR, SIEM, 
• Software security Architecture background, familiarity with Enterprise level applications and tools.
• Comfortable with project development lifecycle to build in secure solutions early in projects.