IT Risk Specialist job at Equity Bank
Website :
845 Days Ago
Linkedid Twitter Share on facebook

Vacancy title:
IT Risk Specialist

[ Type: FULL TIME , Industry: Banking , Category: Computer & IT ]

Jobs at:

Equity Bank Kenya

Deadline of this Job:
13 August 2022  

Duty Station:
Within Kenya , Nairobi , East Africa

Summary
Date Posted: Monday, August 01, 2022 , Base Salary: Not Disclosed

Similar Jobs in Kenya
Learn more about Equity Bank Kenya
Equity Bank Kenya jobs in Kenya

JOB DETAILS:
IT Risk Specialist

The Role
The IT Risk Specialist role is highly technical and challenging with opportunities to be part of a team that will have a meaningful impact. The is expected to possess a adequate understanding of both cyber security and information technology and should understand concepts including computer networking, web and native application functionality, operating system functionality, cloud services, corporate network environments and operations. He should be able to learn advanced concepts such as endpoint protection evasion, covert operations, and tailored exploit development.
The role leverages previous penetration testing and Red Team experience. This may involve delivering Threat Intel-led Red Team exercises, developing social engineering test campaigns and the associated collateral, executing phishing campaigns and attempting to compromise internet-facing systems, conducting privilege escalation and lateral movement within the group’s networks, hunting for objectives with little-to-no information provided at hand and attempting to exfiltrate data from the network; all while avoiding detection from the bank’s security operations teams. The role will require you to perform exploits at scale while remaining stealthy, identify and exploit misconfigurations in the corporate infrastructure, quickly and effectively parse data, present relevant data in a digestible manner, think well outside the bo

Responsibilities
• Support the review and update of the technology risk management framework on an annual basis with the changes in the environment.
• Review technology policies, processes and procedures identify potential opportunities for improvement and alignment.
• Working across the technology department to analyze and better understand their risk profile.
• Review IT initiatives from technology risk perspectives and provide advisory and recommendation.
• Supervise the IT disaster recovery measures deployed across the group.
• Defining a risk and control methodology and framework to use in conducting risk assessments.
• Proactively managing risks so that there are no major incidents, breaches, or examples of non-compliance.
• Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls activities.
• Support the definition of the technology risk appetite statements
• Monitor Key Risk Indicators (KRIs) and report on deviation from defined technology risk appetite.
• Assist with the Technology Risk reporting operations, including scheduling key monthly meetings, monitoring key milestones, escalation of past due activities, problem triage and management.
• Increase awareness and enhance risk culture across the organization and provide day to day risk and control advise as trusted 2nd line subject matter expert.

The Ideal Candidate
• Bachelor’s degree in Computer Science, Information and Cyber Security, Technology or equivalent
• 5 years of relevant in information security or risk management, audit, information assurance preferably in Banking and Financial sector
• Must have CISA (Certified Information Systems Auditor) certification
• CISSP (Certified Information Systems Security Professional) * Added advantage
• Must have CCSP (Certified Cloud Security Professional) certification
• Other ISACA related Certification (e.g., CISM, CRISC or CGEIT) * Added advantage
• Consistently able to demonstrate or articulate value proposition
• Candidates must have hands on experience in performing risk assessments in diverse technology environments
• Good understanding of technology infrastructure, networks, and database management systems.
• Good understanding of cloud computing technologies and Microsoft Azure environment.
• Expertise in Linux machine recommended Kali and parrot.
• Familiar with various operating systems and databases
• Ability to both assess priorities and to focus on work in a structured fashion which delivers results
• Sound judgement and anticipation
• Strong integrity, independence, and resilience
• Deliver with minimal supervision.
• Avid researcher of best practices and happenings in the global cyber space.
• Engage key stakeholders on actions required.
• Team player and contributor
• Strong problem-solving, persuasive skills and an ability to grasp abstract concepts and complex technology situations to challenge the status quo and further develop and build on our IT Risk Management Framework.
• Excellent communication skill, both verbal and written, with the ability to initiate and lead conversations with technology and business leaders and risk colleagues regarding anticipated and emerging issues.



Work Hours: 8


Experience in Months: 60

Level of Education:
Bachelor Degree

Job application procedure

Interested and qualified? Click here to apply


All Jobs

QUICK ALERT SUBSCRIPTION

Job Info
Job Category: Computer/ IT jobs in Kenya
Job Type: Full-time
Deadline of this Job: 13 August 2022
Duty Station: Nairobi
Posted: 01-08-2022
No of Jobs: 1
Start Publishing: 01-08-2022
Stop Publishing (Put date of 2030): 01-08-2066
Apply Now
Notification Board

Join a Focused Community on job search to uncover both advertised and non-advertised jobs that you may not be aware of. A jobs WhatsApp Group Community can ensure that you know the opportunities happening around you and a jobs Facebook Group Community provides an opportunity to discuss with employers who need to fill urgent position. Click the links to join. You can view previously sent Email Alerts here incase you missed them and Subscribe so that you never miss out.

Caution: Never Pay Money in a Recruitment Process.

Some smart scams can trick you into paying for Psychometric Tests.