Equity Bank Limited (the “Bank”) is incorporated, registered under the Kenyan Companies Act Cap 486 and domiciled in Kenya. The address of the Bank’s registered office is 9th Floor, Equity Centre, P.O. Box 75104 - 00200 Nairobi. The Bank is licensed under the Kenya Banking Act (Chapter 488), and continues to offer retail banking, microfinance a...
Role Description:
The role holder will be responsible for overseeing the security framework to ensure security controls are in place in the Bank, identify threat scenarios, quantify risks and work with stakeholders to ensure effective mitigation controls are in place, and ensure compliance with all relevant regulatory requirements. Additionally, he/she will be responsible for overseeing group vulnerability posture (vulnerability management), performing Risk & Control Assessments and design of cybersecurity controls.
Responsibilities:
- Implement the Bank’s cyber security assurance program, enforce the cyber security policy / framework and ensure up-to-date information security policies, standards and cyber risk management plan are in place.
- Drive security and risk assessments with Technology, and work with the Information Security, Enterprise Risk and Audit teams across the Group to review compliance and audit requirements for Information Security and ensure they are addressed.
- Analyse and provide remediation guidance for identified weaknesses or vulnerabilities, validating and verifying appropriate remediation.
- Ensure that Equity Group maintains a current and comprehensive cyber asset and user register.
- Ensure that the Bank maintains a current enterprise-wide knowledge base of its users, devices, application and their relationships.
- Design cybersecurity controls with the consideration of users at all levels of the Bank, including internal (i.e. management and staff) and external users (i.e. contractors/consultants, business partners and service providers), and work closely with the various business and technology teams to identify and select the right security controls to protect Equity’s network & IT infrastructure, cloud and IoT solutions.
- Monitor the control environment, identifying security gaps, evaluating and implementing enhancements.
- Incorporate the utilization of scenario-based analysis to consider a material cyber-attack, mitigating actions, and identify potential control gaps.
- Ensure that the roles and responsibilities of managing cyber risks, including in emergency or crisis decision-making, are clearly defined, documented and communicated to relevant staff.
- Conduct assessments on the effectiveness of the approved cybersecurity program and provide detailed exceptions to the approved cybersecurity policies and procedures.
- Report on any residual risk or security exposures against the security standards, policies and noncompliance and provide actionable recommendations.
- Work with the application functions, network teams and IT infrastructure teams to identify and assist with the implementation of Security policy, process, people and technology improvements.
- Ensure that information systems meet the needs of Equity Group and that they comply with the overall business strategies, ERM framework, risk appetite and ICT policies.
- Evaluate outsourced/third-party technologies and hosting environments to ensure they provide adequate protection for the processing, transmission, and storage of Equity Group’s information; validating that security controls are designed properly, perform effectively and align to Group Information Security.
- Keep up to date with the latest security and technology developments, research/evaluate emerging security threats and ways to manage them.
- Participate in organizing of professional cyber related trainings to improve technical proficiency of staff and user awareness trainings for improved cyber hygiene.
- Recommend implementation of capabilities to enable an optimal Information Security control environment; directly responsible for significantly contributing to the overall security posture, stability and resiliency to the Equity environment and security solutions.
- Use of advanced analytic tools to determine emerging threat patterns and vulnerabilities.
- Ensure timely update of the incident response mechanism and Business Continuity Plan (BCP) based on the latest cyber threat intelligence gathered.
- Put in place BCP and disaster recovery test plans to ensure that the Bank can continue to function and meet its regulatory obligations in the event of an unforeseen attack through cyber-crime.
- Ensure adequate backups of critical IT systems and data, in line with predetermined recovery objectives, are carried out to a site that is unlikely to be affected by a disaster event at the main processing site.
- Conduct regular benchmarking with other companies and organizations within and outside the industry.
Qualifications:
- Bachelor’s degree in Information Technology, Information Security/Assurance, Engineering or similar area of study.
- Hold relevant industry certifications (CISSP, CEH, CISA, CISM, etc.).
- Minimum 6 years of experience, with at least 2 in management and 4 years in technical assurance.
- Experience in vulnerability management and penetration testing in applications, APIs, network devices configuration review, network architecture review etc.
- In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management etc.
- Experience with industry standard frameworks (ISO 27000, NIST, PCI DSS).
- Knowledge of various operating system flavors including but not limited to Windows, Linux, Unix.
- Knowledge of applications, databases, middleware to address security threats against the same.
- Knowledge of a number of the following security concepts & controls: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM).
- Ability to effectively brief business stakeholders on ongoing security incidents and threat levels.
Role Description:
The role holder will be responsible for overseeing the security framework to ensure security controls are in place in the Bank, direct the cyber security strategy, identify threat scenarios, quantify risks and work with stakeholders to ensure effective mitigation controls are in place, and ensure compliance with all relevant regulatory requirements. Additionally, he/she will be responsible for overseeing group vulnerability posture (vulnerability management), performing Risk Control Assessments and design of cybersecurity controls.
Responsibilities:
- Create and maintain technical standards and baselines for security and network solutions across the organization.
- Perform security assessments including VAPT on the LAN environment, hence, providing assurance on the network posture.
- Perform database security reviews (VAPT, security configuration among others).
- Understand network access control.
- Support the implementation of security critical controls across Group.
- Maintaining LAN, WLAN, and architecture of the Network as per the business policy.
- Measure, analyze and implement new security protocols for greater efficiency against any threat or malfunctions.
- Generating and maintaining the virtual private network, firewalls, web protocols and email security decorum.
- Investigate network security breach alerts.
- Drive the implementation of Security standards for Network devices across the Group.
- Conduct periodic security reviews on the Network infrastructure and reviewing connection matrix.
- Monitoring of web security gateways, perimeter security, network access controls, endpoint security.
- Ensure the Group maintains a current enterprise-wide knowledge base of its users, devices, application, and their relationships.
- Keep up to date with the latest security and technology developments, research/evaluate emerging security threats and ways to manage them.
- Design cybersecurity controls with the consideration of users at all levels of the organization, including internal (i.e. management and staff) and external users (i.e. contractors/consultants, business partners and service providers).
- Support the maintenance of ISO standards and certifications.
- Provide support with review of 3rd Party connections across Group.
- Organizing professional cyber related trainings to improve technical proficiency of staff and user awareness trainings for improved cyber hygiene.
- Participate in the implementation of network security initiatives as per the cybersecurity strategy.
- All material cybersecurity events that affected the Bank during the period.
- Reporting to the Board, at least quarterly, on EQUITY’S capability to manage cybersecurity and progress in implementation of the cybersecurity strategy and goals.
- Ensure timely update of the incident response mechanism and Business Continuity Plan (BCP) based on the latest cyber threat intelligence gathered.
- Conduct oversight over and provide directions to any third-party service provider contracted to perform operational security functions such as information security monitoring, testing and threat intelligence.
- Use of advanced analytic tools to determine emerging threat patterns and vulnerabilities.
- Drive implementation of capabilities to enable optimal Information Security control environment; directly responsible for significantly contributing to the overall security posture, stability and resiliency to the EQUITY environment and security solutions.
- Create and maintain security roadmap requirements by monitoring the control environment; identifying security gaps; evaluating and implementing enhancements.
- Evaluate and manage outsourced / third-party technologies and hosting environments to ensure they provide adequate protection for the processing, transmission, and storage of EQUITY’s information; validate that security controls are designed properly, perform effectively and align to Group Information Security.
- Work with the application functions, network teams and IT infrastructure teams to identify and assist with the implementation of Security policy, process, people and technology improvements.
- Analyse and provide remediation guidance for identified weaknesses or vulnerabilities, validating and verifying appropriate remediation.
- Work closely with the various business and Technology teams to identify and select the right security controls to protect EQUITY’s network & IT infrastructure, cloud and IoT solutions.
Qualifications:
- 5+ years of relevant work experience in Information Technology (specifically security).
- 5+ years’ experience in core network technologies of a telecom or Banking environment.
- Experience in designing and implementing organization wide information security Network architecture and framework.
- Experience in managing and implementing large scale information security Network projects.
- Advanced working understanding of the information technology and Networking environment of a Financial and Technology driven Organization.
Preferred certifications:
- CCNA, CEH, CCNP, Network + or equivalent.
- CISSP, CISM (added advantage)
Role Description:
The Infrastructure & Platform Security Architect will be responsible for designing, implementing, and overseeing security strategies and architectures for our infrastructure and platform services. You will work closely with other IT and security teams to ensure that all infrastructure components and platforms are secured against evolving cyber threats and comply with industry best practices and regulations.
Responsibilities:
- Develop and maintain security architectures for infrastructure and platforms (on-premise, cloud, and hybrid environments), ensuring scalability, resilience, and secure operations.
- Define and implement security standards for various platforms including cloud services (AWS, Azure, GCP), on-premise data centers, and containerized environments (Docker, Kubernetes).
- Lead efforts to harden network infrastructure, servers, storage, databases, and virtual environments by applying best practices in access control, encryption, logging, monitoring, and vulnerability management.
- Conduct security assessments of existing and new infrastructure, platforms, and services. Provide guidance and recommendations to mitigate security risks.
- Collaborate to design and implement IAM solutions and ensure strong authentication, authorization, and role-based access control (RBAC) policies across all platforms.
- Work closely with the SOC and incident response teams to identify security incidents related to infrastructure and platform services and respond accordingly. Recommend detection and prevention strategies for infrastructure-based attacks.
- Collaborate with DevOps, IT operations, cloud engineering, and application development teams to embed security controls in CI/CD pipelines and infrastructure as code (IaC) practices.
- Ensure compliance with industry regulations (e.g., GDPR, PCI-DSS, ISO 27001) and corporate security policies by establishing security standards and controls across all platforms.
- Engage in the implementation of security tools and technologies such as firewalls, IDS/IPS, VPNs, endpoint protection, encryption mechanisms, and cloud security solutions.
- Develop and maintain security architecture blueprints, standards, guidelines, and procedures. Provide governance oversight and ensure adherence to security policies across the enterprise.
Qualifications:
- Education: A Degree in Computer Science, Information Technology, Cybersecurity, or a related field (Master’s degree, an added advantage).
- Experience: Minimum of 4-7 years of experience in Information Technology, with at least 2 years in practical security engineering especially on infrastructure and platforms.
- Deep understanding of network security principles, protocols, and standards (e.g., TCP/IP, DNS, BGP, SSL/TLS, VPNs, etc.).
- Hands-on experience with securing cloud platforms (AWS, Azure, GCP) and virtualization technologies (VMware, Hyper-V).
- Experience with securing hybrid environments, including on-premise and cloud infrastructure.
- Proficient in designing secure architectures for cloud platforms, data centers, and containerized environments.
- Strong knowledge of encryption techniques, VPN technologies, and secure remote access solutions.
- Familiarity with security tools like SIEM, firewalls (e.g., Palo Alto, Cisco ASA, Fortinet), and network monitoring tools.
- Experience with network segmentation and micro-segmentation techniques.
- Understanding of DevSecOps principles and their application to network security.
- Certifications (Preferred):
- CompTIA Security+
- CompTIA Advanced Security Professional
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- Cloud certifications (e.g., AWS Certified Security Specialty, Azure Security Engineer Associate)
Role Description:
The Network Security Architect will be responsible for designing, implementing, and managing the organization’s network security infrastructure to ensure the confidentiality, integrity, and availability of enterprise data and systems. You will work closely with other architects, IT teams, and security engineers to align network security solutions with business goals and industry best practices.
Responsibilities:
- Architect and implement secure network infrastructure, including segmentation, firewalls, VPNs, intrusion detection systems (IDS), and intrusion prevention systems (IPS).
- Lead the design and deployment of Zero Trust security frameworks to enhance network defenses and control access.
- Develop and implement secure network architectures for hybrid and multi-cloud environments (AWS, Azure, GCP).
- Oversee configuration and management of firewalls, routers, proxies, and load balancers to enforce security policies and protect the network perimeter.
- Design network segmentation to mitigate risk and ensure secure access controls across different layers of the enterprise network.
- Design and manage VPNs and other remote access solutions to ensure secure communications for remote users.
- Collaborate with the SOC team to implement effective monitoring, detection, and incident response mechanisms for network security events.
- Conduct regular network security risk assessments, identify vulnerabilities, and recommend mitigation strategies.
- Work closely with IT and DevOps teams to integrate security into networking and infrastructure projects.
- Ensure that network security architectures adhere to industry regulations and standards (e.g. PCI-DSS, NIST, GDPR, etc.).
- Evaluate new technologies, tools, and services that can improve network security, scalability, and performance.
- Maintain accurate and up-to-date documentation of network security architectures, policies, and procedures.
- Provide guidance and mentorship to junior security engineers and network administrators.
Qualifications:
- Education: A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study (Master’s degree, an added advantage).
- Experience: Minimum of 5-8 years of experience in network security or related fields, with at least 3 years in an architect or senior-level role.
- Deep understanding of network security principles, protocols, and standards (e.g., TCP/IP, DNS, BGP, SSL/TLS, VPNs, etc.).
- Hands-on experience with firewall configuration, IPS/IDS, VPNs, and network access control (NAC) systems.
- Expertise in deploying and managing secure network architectures in cloud environments (AWS, Azure, GCP).
- Experience with Zero Trust Architecture principles and implementation.
- Strong knowledge of encryption techniques, VPN technologies, and secure remote access solutions.
- Familiarity with security tools like SIEM, firewalls (e.g., Palo Alto, Cisco ASA, Fortinet), and network monitoring tools.
- Experience with network segmentation and micro-segmentation techniques.
- Understanding of DevSecOps principles and their application to network security.
- Certifications (Preferred)
- CCNP Security, CISSP or CISM
- Certified Information Systems Security Professional (CISSP)
- Certified Ethical Hacker (CEH)
- Cisco Certified Network Security Architect (CCNA/CCNP Security)
- Cloud certifications (e.g. AWS Certified Solutions Architect, Azure Security Engineer)
Role Description:
The Cloud Security Architect will be responsible for designing, implementing, and maintaining the security architecture for Equity’s cloud environments. This role requires a deep understanding of cloud platforms, security best practices, and a proactive approach to safeguarding Equity’s assets in the cloud. The Cloud Security Architect will work closely with development, operations, and security teams to ensure the cloud infrastructure and applications are secure, compliant, and resilient against modern threats.
Responsibilities:
- Design and implement a comprehensive security architecture for cloud platforms such as Oracle Cloud Infrastructure, Azure, and Huawei Cloud Platform (HCP), ensuring it aligns with the overall enterprise security strategy.
- Define and implement security controls for cloud services, including identity and access management (IAM), encryption, key management, data protection, and network security.
- Establish cloud security policies, standards, and procedures to ensure compliance with regulatory requirements (GDPR, PCI-DSS, HIPAA, etc.) and security best practices.
- Conduct security assessments, vulnerability scans, and penetration testing to identify security risks in the cloud infrastructure. Provide recommendations for risk mitigation and security improvements.
- Lead efforts to harden cloud services and environments by configuring appropriate security settings, monitoring access controls, and enforcing security baselines.
- Design and implement IAM frameworks, role-based access control (RBAC), and multi-factor authentication (MFA) for secure user and application access to cloud resources.
- Work with DevOps and development teams to integrate security into CI/CD pipelines and cloud-native application development (DevSecOps). Implement automation to ensure security is maintained across cloud deployments.
- Collaborate with the Security Operations Center (SOC) and Incident Response teams to monitor, detect, and respond to cloud-specific security threats. Implement cloud-native security monitoring solutions if required.
- Ensure cloud environments comply with internal security policies and external regulatory standards. Work with compliance teams to implement audit controls and manage third-party audits of cloud infrastructure.
- Provide cloud security guidance and best practices to technical teams and ensure that secure coding, deployment, and management practices are followed.
- Advise on the security implications of migrating on-premises workloads to the cloud. Provide security guidance for hybrid and multi-cloud environments, ensuring consistency in security controls.
- Maintain documentation for cloud security architectures, configurations, and processes. Produce regular reports on cloud security posture and recommend actions for improvements.
Qualifications:
- Education: A Degree in Computer Science, Information Security, Cybersecurity, or a related field (Master’s degree, an added advantage).
- Experience: Minimum of 5-8 years of hands-on experience in information security, with at least 2+ years focused on cloud security.
- Proven experience designing and securing cloud-native services such as containers (Docker, Kubernetes), serverless architectures (AWS Lambda, Azure Functions), and microservices.
- Familiarity with cloud security frameworks and guidelines (e.g., Cloud Well-Architected Framework, CIS Benchmarks, Cloud Security Alliance Cloud Control Matrix).
- Experience with cloud-native security tools and services.
- Expertise in deploying and managing secure network architectures in cloud environments (Azure, HCP, OCI).
- Knowledge of secure cloud networking (VPCs, security groups, network peering) and data protection practices.
- Expertise in designing secure cloud infrastructure using Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, and Ansible.
- Deep understanding of cloud security controls, including identity and access management (IAM), Data Encryption, Keys & Secrets Management, Firewalls, VPNs, and security groups.
- Certifications (Preferred):
- Certificate of Cloud Security Knowledge (CCSK) or Certified Cloud Security Professional (CCSP).
- Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
- AWS Certified Security – Specialty or Microsoft Azure Security Architect or Microsoft Azure Security Engineer.
Role Description:
The Bank’s Security Operations Center (SOC) team is responsible for monitoring, assessing, and defending Bank Information Systems and data. The team continuously develops and investigates correlated security event feeds, escalating any identified security incidents. The SOC serves as the primary contact for any suspected security incidents, working together with other remediation teams, resolving incidents, and foiling Cyber Security threats against the Bank.
Responsibilities:
- Support, troubleshoot, configure, manage, and upgrade SIEM, NTA, AV, DLP, email security, VPN, WAF and a wide variety of other security products.
- Perform network troubleshooting to isolate and diagnose common network problems, using strong TCP/IP networking skills.
- Installation, setup / configuration, troubleshooting, tuning, diagnostics, and maintenance of IT security related equipment.
- Carry out proactive and reactive administration on networking and associated applications, and ensure adherence to process.
- Respond to inbound requests via phone and other electronic means for technical assistance with managed devices.
- Respond in a timely manner (within documented SLA) to configuration, maintenance, incident management, and other requests.
- Document actions in ticketing system to effectively communicate information internally and to customers.
- Implement policy changes.
- Automation of tasks to reduce manual operations.
- Troubleshoot L2/3 escalated issues and be a single point of contact for management of current security infrastructure.
- Handle network/application security vulnerability.
- Efficiently handle operations and analysis of security incidents.
- Design, implement, enhance, and manage security infrastructure.
Qualifications:
- Minimum of 5 years of work experience in information and Cyber Security within the Financial Services sector.
- Bachelor’s degree in Computer Science or a relevant field, or equivalent experience.
- Cyber security certifications required.
- Understanding of Cyber Security best practices; ability to perform architectural risk analysis and threat modeling and to conduct security testing is a plus.
- Practical expertise with TCP/IP networking required.
- Experience with Linux, Windows and Network Operating Systems required.
- Strong working knowledge of routing and access control devices required.
- Firewalls including IPS, DLP, Anti-Virus, identity awareness, URL filtering.
- Strong hands-on SIEM tool configuration & management experience such as ArcSight, Imperva DAM, TripWire, Darktrace.
- Tools like Nmap, Nessus, and Wireshark and capturing, reading and analyzing PCAPs.
- Experience of configuration & management of email filtering technologies.
- Enterprise desktop and server Anti-Virus, active directory, GPO configuration, Endpoint protection technologies.
- Microsoft Windows Server/VMware vSphere and associated technologies.
- LAN & WAN networking using routers, switches and infrastructure products.
- System center and configuration Manager.
- Ability to write scripts in Linux and/or Windows environments (e.g. PowerShell) at an intermediate to advanced level.
- Broad technical understanding across Information Security (e.g. incident response, intrusion, attack monitoring, networks, threat and vulnerability management).
- Automation using scripting languages like Python/Bash.
- Knowledge of machine learning and artificial intelligence concepts is a plus.
Method of Application
Use the link(s) below to apply on company website.