Skip to content

Information Risk Manager – () at Equity Bank Kenya

posted 12 hours ago
Job Overview
Employment Regular
Location Nairobi Kenya
Experience Proven Experience
Education Level Bachelor's Degree
View More in Jobs > Information Technology (ICT)
svg background up
Opportunities Meet Aspirations

Job Purpose
The Manager, Information Risk is responsible for developing, implementing, and managing the group’s information risk management framework. This includes identifying, assessing, mitigating, and monitoring information-related risks, and ensuring appropriate controls on data flows from source systems to the data warehouse/data lake across IT systems. The role works closely with IT, Security, Audit, and Business teams to ensure that information assets are adequately protected, regulatory compliance is maintained, and risk postures align with the organization’s strategic objectives and risk appetite.

Job Responsibilities / Accountabilities

Data Governance

  • Map end-to-end data flows within the group’s systems and ensure the necessary controls are in place for completeness and accuracy of data.
  • Implement and maintain the group’s data and information risk management framework, policies, standards, and procedures in alignment with industry best practices (e.g., ISO 27001, NIST, COBIT) and regulatory requirements.
  • Integrate information risk management activities into the broader enterprise risk management (ERM) framework.

Risk Identification & Assessment

  • Conduct comprehensive information risk assessments (including IT, cybersecurity, and data privacy risks) across systems, applications, processes, and third-party relationships.
  • Identify potential threats, vulnerabilities, and their impact on information assets.
  • Facilitate risk workshops and interviews with stakeholders to gather risk intelligence.

Risk Mitigation & Treatment

  • Develop and recommend risk treatment plans, controls, and countermeasures to mitigate identified risks to acceptable levels.
  • Collaborate with IT, Security, and Business teams to implement mitigation strategies and track their effectiveness.
  • Assist in developing business continuity and disaster recovery plans related to information risk.

Risk Monitoring & Reporting

  • Manage key risk indicators (KRIs) and metrics to continuously monitor the group’s information risk posture.
  • Prepare and present regular, clear, and actionable risk reports to senior management, risk committees, and the Board as required.

Compliance

  • Ensure compliance with relevant information security, data privacy, and industry-specific regulations.

Third-Party Risk Management

  • Lead the assessment of information risks associated with third-party vendors, suppliers, and service providers.
  • Oversee third-party risk assessment processes, including security reviews and contractual compliance checks.

Awareness & Training

  • Contribute to the development and delivery of technology, information, and cybersecurity risk awareness and training programs.
  • Promote a strong risk culture across the organization.

Qualifications

Required Skills and Qualifications

  • Education: Master’s or Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or Data Science.
  • Preferred certifications (one or more): Certified Data Management Professional (CDMP), CRISC, CISM, CISA, CISSP, GRCP, relevant cloud security certifications (e.g., AWS Security, Azure Security).
  • Minimum 5+ years of progressive experience in Information Risk Management, Cybersecurity, IT Audit, or IT Governance within a complex organizational environment.
  • Experience in the financial services industry is highly preferred due to its regulatory landscape.
Read More & Apply

Share This Post
Don't miss out on new jobs listing! Follow our channels Today WhatsApp Channel
Disclaimer Opened Career is a free job-posting website that does not charge applicants. We do not support recruitment agents or entities that demand money or favors to expedite the hiring process. Please use our platform responsibly and report any suspicious activity.
Why Opened Career
OUR OBJECTIVES
At Opened Career, we prioritize inclusivity, diversity, and equal opportunities for all individuals, regardless of their backgrounds or experiences. We believe in creating a level playing field where every candidate has the chance to showcase their skills and potential, and every employer has access to a diverse pool of qualified candidates.
CORE VALUES
Innovation
Integrity
Team Work
Excellence
Customer Focus
Professionalism
Filters & Sorting
Select Specialism