Senior Manager Security Technology Roadmap & COE at Equity Bank Kenya

Purpose of the Role:

The Senior Manager: Advanced Cyber Security & Emerging Technologies is responsible for strengthening Equity Group’s cyber resilience by leading the design, implementation, and continuous improvement of advanced security capabilities across the Group. Operating within the Group Cyber Security Team, the role ensures that emerging technologies and modern security architectures are evaluated, adopted, and governed in alignment with the Group’s strategic objectives, regulatory requirements, and risk appetite. The position provides subject matter expertise on advanced cyber security controls, drives innovation in security architecture, and safeguards the Group’s digital platforms, including banking, FinTech, and digital channels—across all subsidiaries and jurisdictions. By proactively addressing evolving threats and leveraging modern security frameworks.

Job Responsibilities/ Accountabilities:

•  Lead the measurement of effectiveness for advanced cyber security and emerging technology controls, ensuring continuous improvement and addressing areas of low performance. 
•  Enhance and optimize security reporting mechanisms to demonstrate the business value and risk reduction benefits of advanced cyber initiatives. 
• Oversee the security posture of IT infrastructure in international and regional operations, ensuring global alignment with Group security standards. 
• Ensure compliance with internal policies, industry frameworks, and regulations (e.g., NIST, ISO27001/22301, GDPR, PCI-DSS).
• Drive the execution of the Security Roadmap to maintain and optimize the Advanced Cyber Security & Emerging technologies / controls capability.
•  Monitor global information security and technology trends, advising the GM – Security Architecture on opportunities to adopt and operationalize emerging solutions (e.g., Zero Trust, AI/ML in cyber, Cloud & IoT security).
•  Identify and exploit opportunities for reusability, automation, and standardization across cyber projects to increase efficiency and reduce cost. 
•  Contribute to the enterprise security technology roadmap, ensuring alignment with business strategy, risk appetite, and digital transformation objectives. 
•  Oversee the implementation and effectiveness of advanced security controls (threat detection, data protection, cloud security, and endpoint resilience).
•  Guide the deployment of new infrastructure security capabilities through a structured governance and risk framework.
•  Partner with business units, IT leadership, and information security officers to coordinate security programs across all platforms and subsidiaries.
•  Act as an advisor to senior executives and business leaders on cyber risks, investments, and technology adoption.
•  Provide regular reporting to the GM: Security Architecture and executive leadership, demonstrating security posture, ROI on cyber investments, and value delivered.
• Represent the Group in regulatory, industry, and partner engagements relating to advanced cyber technologies.
• Monitor and understand global information security and emerging technology trends.
• Document and communicate the security solutions roadmap to the GM: Security Architecture.

Qualifications

Qualification / Certifications:

•  A Degree in Information Technology, Cyber Security, Network Security, Enterprise Network Management, Information Systems, Engineering, or related field.
• Relevant industry certifications such as CISSP, CCSP, CISA, CCISO, SABSA, ISO27001/22301 Lead Implementer; PMP or equivalent project/program certification will be an added advantage

Experience:

• Minimum of 10 years’ progressive experience in information and cyber security, with at least 5 years in a senior management role. 
• Proven experience in engineering and designing enterprisescale IT security solutions.
• Demonstrated experience in managing technology security risk and aligning controls to business objectives.
• Strong understanding of all information security domains, with depth in advanced technologies (e.g., cloud security, AI/ML, Zero Trust, IoT).