Group Technology Compliance Manager at Equity Bank Kenya

Job Description

Job Purpose

The Group Technology Compliance Manager is responsible for ensuring that the organizations technology systems and processes adhere to relevant laws, regulations, industry standards and internal policies.

Develop, implement, and manage a comprehensive IT compliance program that ensures the organization’s IT systems, processes, and practices adhere to all relevant laws, regulations, industry standards, and internal policies, with a particular focus on data protection, cybersecurity, and IT Governance.

Job Responsibilities/ Accountabilities: 

Develop, implement and maintain compliance programs for key frameworks and regulations, including but not limited to ISO 27001, ISO 20000, ISO 22301, PCI DSS, GDPR, SWIFT Customer Security Program (CSP) and PSP as mandated by the Group.
Tailor compliance programs to address data protection, cybersecurity, and IT governance requirements specific to the organization’s industry, geographic location, and business objectives.
Establish and maintain a compliance calendar to ensure timely completion of all required compliance activities.
Responsible for conducting regular assessments and audits to identify compliance gaps, manage risk assessments and ensure that necessary controls are in place to mitigate compliance risks and maintain certifications.
Ensure that IT policies and procedures are aligned with regulatory requirements and industry best practices.
Provide consultative support to engineering teams and business partners to identify opportunities for control improvements with the objective of mitigating risk and improving operational performance
Act as primary point of contact for audits, facilitate written business responses to audit findings and develop action plans with key stakeholders
Collaborate with cross-functional teams to provide training, insights and guidance on compliance best practices.
Stay up to date with regulatory changes to adapt the organizations policies and risk control landscape periodically to reflect regulatory changes.
Communicate compliance updates and requirements to all stakeholders in a timely and effective manner.
Prepare detailed reports for senior management and regulatory bodies ensuring transparency in compliance efforts
Promote a culture of accountability within the organization’s technological practices.

Qualifications
Knowledge and Experience 

Bachelor’s or Master’s degree in Information Technology, Computer Science, or a related field.
Hold relevant industry certifications (CGEIT, CRISC, CISM, CISSP, ITIL etc)
Minimum 8 years of experience in Information Technology with at least 4 years of proven experience in IT Governance, Risk Management, and Compliance.
Strong knowledge of IT Governance frameworks (e.g., COBIT, ITIL, ISO 27001).

Key Critical Competencies & Skills 

Excellent in preparation of reports, dashboards and documentation
Excellent leadership, communication and problem-solving skills
Ability to handle high pressure situations and complex projects with key stakeholders.
Good analytical skills; ability to provide intuitive reports & dashboards from a variety of data sources. 
Proficiency in analysis and presentations skills using MS Excel, MS Word and MS PowerPoint.