Job Vacancies at Equity Bank Kenya

Summary of Role Purpose & Responsibilities

The Risk Manager shall assist the Head of Risk and Compliance to manage the strategy and execution of the Enterprise Risk Frameworks. The role supports the effective management of risks in Finserve Africa Limited and provides proactive, accurate and timely advice to enable the Company’s approach to identification, assessment, mitigation, monitoring and reporting risks that threaten the achievement of the Strategic Plan and/or the continuing operations of the Company.

Key Deliverables

• Implement the Enterprise Risk Management Framework, policies procedures.
• Conduct risk assessment and compile risk register.
• Implement the Risk Appetite framework
• Manage the methodology and implementation of risk assessments across customers, products, channels and jurisdiction.
• Develop and roll out a robust and effective training program for risk management initiatives.
• Undertake risk deep dives as may be deemed necessary
• Identifies and reports on emerging themes and areas for action identified through cases reviewed.
• Provide advice and guidance on controls that should be in place to mitigate the identified risks.
• Establish strong, trusting and mutually supportive relationships with 1LoD and 2LoD stakeholders

Qualifications

Qualifications / Certifications

• Bachelor's degree

Experience

• Experience in Coordinating identification, assessment, mitigation, monitoring, and reporting of risks that could impact the achievement of a Company’s strategic objectives or threaten business continuity

go to method of application »

Summary of Role Purpose & Responsibilities

The Information Technology Manager will assist the Head of Risk and Compliance in ensuring that in protecting and ensuring the resilience of Finserve data and IT systems. This role will ensure that the Technology Information Cybersecurity Controls are implemented effectively and in accordance with the TICS Framework and for instilling a culture of cyber security within the Company. This role will also ensure that the Company’s ability to meet its TICS commitments to internal and external stakeholders, including regulators, as well as maintaining an acceptable TICS risk profile that is regularly reported to the Board.

Key Deliverables

• Oversee data analytics strategy for IT and Cybersecurity risks reporting within the subsidiary.
• Manage data standards, governance and implementation according to BCBS 239.
• Support and ensure the digitization of key processes within IT Governance:
  • Policies, standards and procedures operationalization track.
  • IT People skills and head count.
  • Audit issues remediation.
  • Improve risk culture through various initiatives.
  • Review of new systems and products.

Qualifications

Qualifications / Certifications

• Bachelor's degree

Experience

• Technology Information Cybersecurity (TICS) risk assessment awareness.
• Knows how to Adhere to Technology Information Security Policies and Frameworks.
• Able to create Employee Awareness and Training on TICS policies and Framework

go to method of application »

Job Purpose
The Manager, Information Risk is responsible for developing, implementing, and managing the group’s information risk management framework. This includes identifying, assessing, mitigating, and monitoring information-related risks, and ensuring appropriate controls on data flows from source systems to the data warehouse/data lake across IT systems. The role works closely with IT, Security, Audit, and Business teams to ensure that information assets are adequately protected, regulatory compliance is maintained, and risk postures align with the organization’s strategic objectives and risk appetite.

Job Responsibilities / Accountabilities

Data Governance

• Map end-to-end data flows within the group’s systems and ensure the necessary controls are in place for completeness and accuracy of data.
• Implement and maintain the group’s data and information risk management framework, policies, standards, and procedures in alignment with industry best practices (e.g., ISO 27001, NIST, COBIT) and regulatory requirements.
• Integrate information risk management activities into the broader enterprise risk management (ERM) framework.

Risk Identification & Assessment

• Conduct comprehensive information risk assessments (including IT, cybersecurity, and data privacy risks) across systems, applications, processes, and third-party relationships.
• Identify potential threats, vulnerabilities, and their impact on information assets.
• Facilitate risk workshops and interviews with stakeholders to gather risk intelligence.

Risk Mitigation & Treatment

• Develop and recommend risk treatment plans, controls, and countermeasures to mitigate identified risks to acceptable levels.
• Collaborate with IT, Security, and Business teams to implement mitigation strategies and track their effectiveness.
• Assist in developing business continuity and disaster recovery plans related to information risk.

Risk Monitoring & Reporting

• Manage key risk indicators (KRIs) and metrics to continuously monitor the group’s information risk posture.
• Prepare and present regular, clear, and actionable risk reports to senior management, risk committees, and the Board as required.

Compliance

• Ensure compliance with relevant information security, data privacy, and industry-specific regulations.

Third-Party Risk Management

• Lead the assessment of information risks associated with third-party vendors, suppliers, and service providers.
• Oversee third-party risk assessment processes, including security reviews and contractual compliance checks.

Awareness & Training

• Contribute to the development and delivery of technology, information, and cybersecurity risk awareness and training programs.
• Promote a strong risk culture across the organization.

Qualifications

Required Skills and Qualifications

• Education: Master’s or Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or Data Science.
• Preferred certifications (one or more): Certified Data Management Professional (CDMP), CRISC, CISM, CISA, CISSP, GRCP, relevant cloud security certifications (e.g., AWS Security, Azure Security).
• Minimum 5+ years of progressive experience in Information Risk Management, Cybersecurity, IT Audit, or IT Governance within a complex organizational environment.
• Experience in the financial services industry is highly preferred due to its regulatory landscape.

go to method of application »

Summary of Role Purpose & Responsibilities

• The Cybersecurity Risk & Red Team Specialist is responsible for proactively identifying, assessing, and mitigating cybersecurity risks across the Equity Group through simulated attack scenarios and advanced threat emulation.
• This role integrates offensive security practices with a thorough understanding of enterprise risk management, ensuring that vulnerabilities and process gaps are promptly identified and addressed.
• The specialist will lead and execute red team exercises, contribute to security posture improvements, and support risk management initiatives to enhance the Equity Group’s cyber resilience against evolving threats.

Key Deliverables

Red Team Operations

• Plan, lead, and execute red team assessments including web, mobile, network, cloud, and social engineering scenarios.
• Simulate advanced persistent threat (APT) techniques, including lateral movement, privilege escalation, and data exfiltration.
• Develop, document, and execute attack playbooks tailored to the Equity Group's environment.

Risk Identification & Management

• Conduct cybersecurity risk assessments across applications, infrastructure, cloud environments, and third-party integrations.
• Collaborate with stakeholders to assess the risk impact and develop actionable mitigation strategies.
• Maintain a risk register and track remediation efforts through to resolution.

Security Testing & Validation

• Perform vulnerability assessments and penetration testing of systems, applications, and APIs.
• Validate the effectiveness of security controls, detection mechanisms, and incident response procedures.
• Support purple team exercises by providing offensive techniques for defensive validation.

Reporting & Communication

• Deliver detailed, actionable, and executive-friendly assessment reports.
• Communicate complex technical findings to both technical and non-technical stakeholders.
• Provide recommendations to enhance security controls, processes, and risk mitigation strategies.

Continuous Improvement

• Contribute to the evolution of security testing methodologies, tools, and technologies.
• Monitor the cybersecurity threat landscape and emerging attacker techniques.
• Support cybersecurity awareness and simulation campaigns based on red team findings.

Qualifications

Qualifications / Certifications

• Education: Master's / bachelor’s degree in information technology, Computer Science, Cybersecurity, Data Science.
• Certifications (One or more of the following strongly preferred): Minimum of CEH (Certified Ethical Hacker) certification or LPT (Licensed Penetration Tester).
• Any one ISACA related Certification (e.g. CISM, CISA, CRISC and CGEIT) * Added advantage.
• OSCP, CRTO, CRT, OSEP, CRTP, CRTE (Offensive Security Certifications) * Added advantage.
• GIAC Penetration Tester (GPEN), Red Team Professional (GRTP) * Added advantage.

Experience

• Minimum 5+ years of experience in cybersecurity, with at least 2 years focused on Red Teaming, offensive security, or penetration testing.
• Experience in cybersecurity risk management or security operations within regulated industries, preferably financial services.
• Prior experience in planning and executing Red Team/Purple Team exercises across diverse technological landscapes.
• Demonstrated success in delivering security risk assessments and providing technical recommendations.

go to method of application »

Job Purpose

The role will assist the Head of Risk and Compliance in ensuring that the entity and the Board are kept appraised of relevant changes in laws and regulations, emerging risks and potential gaps in managing and implementing international and local Regulatory Compliance, financial sanctions, Anti Bribery and Corruption, Anti Money Laundering, Counter Terrorism and Proliferation financing and Regulatory Conduct controls.

The role holder will be tasked to manage the Compliance, Financial Crime and Conduct compliance function by ensuring that it has an optimal, effective, efficient, and regulatory compliant risk management framework.

Job Responsibilities/ Accountabilities   

• Provide strategic advice to the business on Compliance, Financial Crime, Conduct risks and regulatory requirements.
• Build and maintaining relationships with regulators, and other stakeholders.
• Develop and implementing Compliance, Financial Crime, Conduct frameworks, policies and procedures.
• Lead and managing different programs and projects within the business with a focus on Compliance, Financial Crime, Conduct.
• Conduct targeted thematic reviews, working with 1LoD and 2LoD stakeholders.
• Manage the methodology and implementation of Compliance, Financial Crime, Conduct risk assessments across customers, products, channels and jurisdiction.
• Management the implementation of systems and tool deployed for Compliance, Financial Crime, Conduct
• Proactively manage and communicate Compliance, Financial Crime, conduct issues brought by changes to legislation and other regulatory requirements.
• Develop and rollout a robust and effective Compliance, Financial Crime, Conduct training program.
• Identifies and reports on emerging themes and areas for action identified through cases reviewed
• Assist the Head of Risk and Compliance in the preparation of the report to Board, management and committees on the Compliance, Financial Crime, Conduct frameworks.
• Provide advice and guidance on controls that should be in place to mitigate Compliance, Financial Crime, Conduct risks
• Establish strong, trusting and mutually supportive relationships with 1LoD and 2LoD stakeholders

Qualifications

Required Skills and Qualifications

• Bachelor’s degree in a relevant field
• Experience in Regulatory Obligation register, Compliance policies and procedures, Staff Training and Risk Assessments

go to method of application »

Job Purpose

The role will assist the Compliance Manager in ensuring that the Company complies to the laws and regulations relating to international and local Regulatory Compliance, sanctions, Anti Bribery and Corruption, Anti Money Laundering, Counter Terrorism and Proliferation financing and Conduct controls.

The role holder will be tasked to perform transaction monitoring and reporting for the Digital Financial Services to ensure full compliance to procedures and policies.

Job Responsibilities/ Accountabilities   

• Assist the Compliance Manager to deliver on Compliance, Financial Crime, Conduct and regulatory requirements.
• Assist the Compliance Manager in updating the Compliance, Financial Crime, Conduct frameworks, policies and procedures.
• Assist the Compliance Manager in identifying and evaluating compliance-related risks to the Company.
• Transaction monitoring and reporting for the Digital Financial services.
• Review the alerts and resolve the transaction monitoring of the Digital Financial Services
• Support the Compliance Manager on the implementation of systems and tools deployed for Compliance, Financial Crime, Conduct.
• Support the Compliance Manager in implementation of the monitoring
• system to detect and report suspicious activity related to financial crimes and ensuring timely reporting to the Regulators as required
• Assist the Compliance Manager in compiling Regulatory reports for both internal and external requirements.
• Investigating compliance violations or breaches and recommending corrective actions.

Qualifications

Required Skills and Qualifications

• Bachelor’s degree in a relevant field
• Experience in Regulatory Obligation register, Compliance policies and procedures and Transaction Monitoring reporting

go to method of application »

Job Purpose

This role is responsible for the end-to-end management of process optimization, quality assurance, risk mitigation, and compliance. Leveraging methodologies like Lean Six Sigma, BPM, and ISO 9001:2015, the Manager will streamline workflows, automate processes, enhance data-driven decision-making, and build robust capabilities within Supply Chain and Administration teams.
The ultimate goal is to deliver significant cost savings, increase efficiency, improve service delivery, and foster a sustainable culture of high performance and quality.

Key Responsibilities

Strategic Process Improvement & Operational Excellence

• Lead end-to-end process improvement projects from initiation to execution using Lean, Six Sigma, BPM, and ISO 9001:2015 frameworks.
• Design and implement operational models to reduce waste, improve cycle times, and achieve cost savings.
• Streamline workflows across business units to improve productivity and reduce turnaround times.
• Conduct Value Stream Mapping (VSM) and facilitate Kaizen events to identify bottlenecks and drive continuous improvement.

Quality Management Systems (QMS) & Compliance

• Implement and continuously improve ISO 9001:2015 Quality Management Systems.
• Develop and execute quality assurance plans with robust risk analysis.
• Oversee monitoring frameworks to ensure adherence to quality standards.
• Standardize policies, processes, and documentation in line with ISO requirements.
• Ensure departmental readiness for ISO certification and compliance.

Audit, Risk & Compliance Management

• Conduct quality and process audits for ISO 9001:2015 compliance.
• Identify control gaps and systemic risks within operations.
• Track compliance vulnerabilities and operational risks.
• Escalate potential fraud or legal cases to the Legal & Compliance team.
• Implement a WorkStream Health framework to monitor high-risk and underperforming projects.

Technical & Functional Documentation

• Develop clear, accurate operational procedures.
• Create BPMN workflows and operational specifications.
• Document escalation matrices and control frameworks aligned with risk registers.
• Maintain subsidiary-level document master lists for governance and audits.

Data Analytics, Monitoring & Reporting

• Design and implement performance dashboards using Power BI or Tableau.
• Develop KPIs, productivity metrics, and reporting structures.
• Translate data into actionable insights for decision-making.
• Monitor critical processes with specialized dashboards for transparency.

Project Management & Execution

• Lead design, scoping, and execution of cross-functional improvement initiatives.
• Manage change processes for policy and technology rollouts with minimal disruption.

Training & Capacity Building

• Design and deliver Lean Six Sigma, 5S, ISO, and continuous improvement training programs.
• Prepare training materials to build organizational awareness and technical capacity.
• Establish knowledge centers to encourage continuous learning.

Recruitment & Workforce Quality Optimization

• Define recruitment KPIs and quality standards.
• Collaborate with departments to improve sourcing, onboarding, and throughput.

Service & Performance Monitoring

• Develop frameworks for performance and productivity measurement.
• Conduct service audits and document service charters to enhance accountability.

Qualifications

Required Skills and Qualifications

Must-Haves:

• Certified Lean Six Sigma Black Belt.
• ISO 9001:2015 Lead Auditor certification.
• Bachelor’s degree in Business Administration, Operations Management, Quality Management, Communications, or related field.

Nice-to-Haves:

• Master’s Degree (MBA, Business Process Management, Quality Management, or Organizational Development).
• Project Management certification (PMP, PRINCE2).
• Change Management certification (PROSCI, ExperienceChange).
• Certifications in BPM (CBPA, BPMN).
• Proficiency in process modeling software (Visio, Signavio, Aris).
• Certifications in Data Analytics or BI tools.

Experience:

• Minimum 12 years leading enterprise-wide process improvement, quality management, and operational excellence initiatives.
• At least 5 years in managerial or consulting roles with direct responsibility for driving continuous improvement.

Markets:

• Experience in multi-country or multi-cultural environments.

Functional Expertise:

• Operational Excellence, Lean Six Sigma, BPM, Quality Assurance, ISO 9001:2015, Operational Risk Management, Project Management, Data Analytics, Training & Development, and Service & Operations Management.

Other:

• Proven track record in cost reduction, efficiency gains, improved turnaround times, and service delivery enhancement.
• Strong hands-on experience with BI tools (Power BI, Tableau).
• Skilled in leading and documenting complex improvement projects and managing change effectively.

go to method of application »

Job Purpose:
Working jointly with segments and branches, the specialist will offer input in development of business cases for Food & Agriculture clients and support in relationship management for these clients, ultimately driving the growth of F&A BIMS business opportunities.

Key Responsibilities

• Participate in the sub-sector policy development and contribute to efforts to formulate the Bank’s particular strategy relating to the assigned sub-sector.
• Map out BIMS opportunities within the sub-sector and guide the bank in conversion of the same.
• Offer knowledge based sub-sector technical support to various bank structures; branches, segments, treasury, corporate, exco, to enhance business growth and development.
• Participate in appraisal and processing of agricultural facilities within the assigned sub-sector.
• Responsible for portfolio growth, NPLs management and deposit mobilization within the assigned sub-sector.
• Act as a liaison officer for the bank to industry associations, government bodies and other entities within your sub-sector.
• Coordinating bank participation in events within the sub-sector ensuring value maximization.

Qualifications

Academic Qualifications & Experience

• Holder of a Degree in Agricultural Economics, Agriculture Engineering, Agribusiness, Food sciences, Technology, agriculture finance or related field.
• A master’s degree in a related field will be an added advantage.
• At least eight (8) years of relevant experience in the Food & Agriculture, five (5) of which must be in technical level of the sector and three (3) in management level within the sector.
• Experience in delivering high quality economic and technical analysis, research advice on specific F&A sector in support of the Bank’s business growth and development.

Key Competencies & Skills

• Awareness of sub sector industry trends, technology, and developments and ability to convert the same into business opportunities for the Bank.

go to method of application »

Job Purpose:

F&A Agriculture Mechanization specialist will head the subsector assigned and guide the bank in mining BIMS opportunities in their respective industries of knowledge.
Working jointly with segments and branches, the specialist will offer input in development of business cases for F&A clients and support in relationship management for these clients, ultimately driving the growth of F&A BIMS business opportunities.

Key Responsibilities

• Participate in the sub-sector policy development and contribute to efforts to formulate the Bank’s particular strategy relating to the assigned sub-sector.
• Map out BIMS opportunities within the sub-sector and guide the bank in conversion of the same.
• Offer knowledge based sub-sector technical support to various bank structures; branches, segments, treasury, corporate, exco, to enhance business growth and development.
• Participate in appraisal and processing of agricultural facilities within the assigned sub-sector.
• Responsible for portfolio growth, NPLs management and deposit mobilization within the assigned sub-sector.
• Act as a liaison officer for the bank to industry associations, government bodies and other entities within your sub-sector.
• Coordinating bank participation in events within the sub-sector ensuring value maximization.

Qualifications

Academic Qualifications & Experience

• Holder of a Degree in Agricultural Economics, Agriculture Engineering, Agribusiness, Food sciences, Technology, agriculture finance or related field.
• A master’s degree in a related field will be an added advantage.
• At least eight (8) years of relevant experience in the Food & Agriculture, five (5) of which must be in technical level of the sector and three (3) in management level within the sector.
• Experience in delivering high quality economic and technical analysis, research advice on specific F&A sector in support of the Bank’s business growth and development.

Key Competencies & Skills

• Awareness of sub sector industry trends, technology, and developments and ability to convert the same into business opportunities for the Bank.

go to method of application »

Purpose of the Role:

• Ensure oversight and reporting on the following areas:
• System availability and resilience including Disaster Recovery Planning and Backup
• Data center resilience
• Capacity management and planning
• Incident and event management including Root cause analysis and lesson learnt ; SLA management (external/internal) and Vendor management 
• User access management including Privileged access management  and Remote access management
• System requirements analysis
• Product and Software testing; Code and release management 

Key Outcome

• Overall reduction of the Technology risk profile.
• Achieve 99.99% uptime for digital platforms and core banking systems by 2026 through quarterly DR testing.
• Conduct annual technology risk assessments across six jurisdictions, identifying and mitigating risks (e.g., DRC conflict impact).
• Optimize billion digital investments for ROI tracking.
• Reduce operational disruptions by 50% through enhanced monitoring within year

Qualifications

Qualification / Certifications:

• Master’s/ bachelor’s degree in information technology or engineering. 
• CISA or CRISC; Cloud certification preferred.

Experience:

• 5+ years in IT risk management and technology governance, with 1+ years in a supervisory role within a financial, Technology or Telco institutions. 
• Expertise in operational resilience, system uptime, and disaster recovery, with experience in jurisdictions facing geopolitical risks (e.g., DRC, South Sudan).