Vacancies at Equity Bank Kenya

Job Purpose:   

The Product Security Architect will be responsible for designing and development of security control for the business Commercial, Fintech, and digital initiatives. He/ she will work closely with the various business team to understand the product and services and further recommend security controls for inclusion. The controls should be less business disruptive, enforce cyber control, reduce fraud and is frictionless with business objective. 

The Product Security Architect ensures existing and new business services and products have adequate security controls and conform to Equity Policies, procedures and standards. 

Job Responsibilities/ Accountabilities: 

Architecture: 

• Formulate security specific requirements for business services for Commercial, Fintech, and digital initiatives  
• Work closely with all the business teams to design and incorporate security as part of product development 
• Work closely with the other technology architects to ensure that security is properly embedded in their technology domains architectures 
• Work independently with developers, system/network administrators, product owners, and other colleagues to ensure secure design, development, and implementation of applications and networks 
• Perform security design reviews of applications, systems, and networks 
• Provide remediation guidance and recommendations to developers and administrators 
• Define security best practices and standards, interpreter same to business and product owners 
• Familiarity with common vulnerabilities and attack vectors 
• Advise product and business owners on encryption technologies (PGP, SSH, SSL, etc.) and common authentication protocols (OpenID Connect, OAUTH, SAML, RADIUS, LDAP, KERBEROS, etc.) 
• Leading and contributing to the security posture of Equity’s networks and systems, data centre infrastructures, cloud architectures and solutions 
• Developing and/or carrying out the strategic direction of security projects to enable execution of the information security strategy 

Strategy: 

• Excellent understanding of customer transaction flow of commercial and Fintech services  
• Indepth understanding of social engineering weaknesses and countermeasures  
• Understand B2C, B2B and C2C business model in relation to security controls  
• Ability to simplify analysis and present results clearly at all levels of the business - including at senior management team level 

Qualifications

Knowledge and Experience 

• A Degree or its equivalent in Information Technology, Network Security, Enterprise Network Management, Information Security, Management Information System Computing, Engineering or similar area of study 
• Relevant industry certifications in information security program and governance as well as PMP will be an added advantage 
• Minimum of 2 years working in information security governance  
• Minimum of 1 year working as a business analyst in technical security and IT  
• Good understanding of business models and services in financial, telecom and FinTech domain  
• Good understand of customer, merchant integration model 
• An excellent team member who is analytical, logical and able to work with other Product team which are dedicated to making Equity products and technologies as secure as possible 
• Experience with creating technical documentation: product documentation, technology, software and systems architecture, and technical whitepapers 
• Working experience with the following concepts: SSL Crypto Solutions, Data Protection and Security, Software Development Methodologies (E.G. Agile), API Gateways, Data Analytics 
• Strong cross-domain and cross-functional knowledge that will enable design of the best possible security technology solutions 
• Has good understanding of the SSDLC process and follows the process to effectively develop and design solutions 
• Ability to function as an individual contributor and mentor/leader detached from the corporate environment 
• Good understanding of Open Application Programming Interface business model  
• Good understanding ISO27001 and PCI-DSS certification 
• Experience of identifying and managing technology security risk 
• Up-to-date knowledge of future IP and network security technologies, equipment and their benefits 
• Widespread knowledge of different IP and network security vendors and solutions, and managed  

Key Critical Competencies 

• Ability to know when to implement solutions with consideration to the wider impacts i.e. risk, cost, customer impact, timescales, etc. 
• Excellent negotiation, and written and verbal presentation skills 
• Ability to handle high pressure situations with key stakeholders 
• Good Analytical skills, Problem solving and Interpersonal skills 
• Deep knowledge of enterprise application development security controls  
• Some knowledge of Telco convergence, FinTech network traffic consumption  

Role Complexity:   

• Document security control for each business service delivery  
• Understand each business function – Commercial, FinTech and digital initiatives 

Budgets/ Financial Input 

• Provide knowledge business services and product to the security team 
• Consolidate and translate business security needs into finical measurable matrix

go to method of application »

Job Purpose:

The Group's Enterprise Risk Management (ERMF) integrates Fraud as a principal risk type, necessitating meticulous management to align with the Group's strategic objectives. The effective handling of fraud risks adheres to the Group's Fraud Risk Management Framework and relies on adept anti-fraud professionals. 

The pivotal position of Group Senior Fraud Manager – Payment is instrumental in the seamless implementation of the Fraud Risk Management Framework within the Payments (Move) businesses across the Group. Collaborating closely with subsidiary heads of risk and fraud management, the incumbent is tasked with ensuring the continuous identification, assessment, and evaluation of payment fraud risks, followed by their proficient mitigation. 

This role reports directly to the Group Fraud Risk Management Director. 

Job Responsibilities:

• Review fraud risk assessments for both existing and new payments products and services while ensuring anti-fraud controls are evaluated as part of Risk & Control Self Assessments by the payment business and operation units. 
• Conduct payment fraud risk assessments taking a risk-based approach for businesses, products, processes, and systems to identify emerging fraud trends, vulnerabilities, and areas for improvement. 
• Collaborate with subsidiaries heads of risk to formulate comprehensive payment fraud risk management strategies aligned with the Group's enterprise risk management framework. 
• Provide payment fraud expert advice to the business on fraud risk management, controls, and initiatives in line with business strategy, enterprise risk, and fraud management policies and framework. 
• Monitor Key Performance Indicators (KPIs) for payment fraud, analyzing trends and their impact on the business, while measuring the effectiveness of fraud prevention and detection controls. 
• Ensure a clear understanding, evaluation, and agreement on inherent and residual payment fraud risks, including their likelihood, impact, and ratings with respective subsidiary risk heads. 
• Analyze payment business processes to identify control failures/weaknesses and/or procedure breaks related to fraud risk events, including an evaluation of the performance of payment fraud risk controls, tools, and data usage across all payment units and channels. 
• Prepare comprehensive management and board reports on payment fraud risk exposure, incidents, and mitigation efforts to senior management and relevant board committees. 
• Respond to inquiries from payment business units regarding fraud risk management issues. 
• Collect and analyze payment fraud data and insights for use in fraud prevention and detection. 
• Curate and disseminate payment industry best practices related to fraud risk management. 
• Develop relevant payment anti-fraud materials for internal training and customer fraud awareness. 
• Instill a robust fraud risk awareness culture within payment businesses, fortifying the Group’s values and code of conduct. 

Qualifications

Educational & Professional Qualifications:

• Bachelor’s degree in accounting, business administration, risk management, or information technology. 
• 7+ years of experience in Financial Services with at least 5 years’ experience in fraud risk management, prevention, detection, or investigations. 
• Experience in Payments and Fintech will be an added advantage 
• Professional certifications such as Certified Fraud Examiner (CFE) is highly desirable. 

Competencies:

• In-depth knowledge of fraud prevention and detection techniques, technologies, and payment industry best practices. 
• Understanding of payment fraud risks, business controls, regulatory issues, and market practices. 
• Ability to collaborate with other teams and influence change within business units and teams. 
• Strong analytical and problem-solving skills, with the ability to deduce insights from diverse data sets and identify potential fraud indicators. 
• Excellent communication, negotiation, and presentation skills, with the ability to convey risk management concepts to diverse audiences. 
• Proficiency in regulatory frameworks and compliance requirements related to payments. 
• Leadership and team management abilities, with a track record of championing the implementation of control recommendations. 

go to method of application »

Job Purpose:

The Group's Enterprise Risk Management (ERMF) integrates Fraud as a principal risk type, necessitating meticulous management to align with the Group's strategic objectives. The effective handling of fraud risks adheres to the Group's Fraud Risk Management Framework and relies on adept anti-fraud professionals. 

As a Fraud Risk Analyst, you will be responsible for identifying, assessing, and mitigating potential fraud risks across the Equity Group. Your primary focus will be on analyzing transactional data, risk events and incidents data, monitoring suspicious activities and control effectiveness. You will collaborate with cross-functional teams to develop and enhance fraud detection processes and procedures and implementing strategies to prevent and detect fraudulent behaviors. 

This role reports directly to the Head of Group Fraud Risk Management. 

Job Responsibilities:

• Utilize advanced analytics and data mining techniques to identify patterns and anomalies indicative of fraudulent activity across the various business and operational units. 
• Monitor transactional data and conduct regular reviews to proactively identify emerging fraud trends and risks facing Equity Group. 
• Assess the severity and potential impact of identified fraud risks on the Group's operations, finances, and reputation. 
• Conduct comprehensive risk assessments to evaluate vulnerabilities and weaknesses in existing fraud prevention measures. 
• Analyze historical data and industry trends to anticipate future fraud threats and recommend proactive risk mitigation strategies. 
• Develop and implement fraud prevention strategies and controls to mitigate risks effectively. 
• Collaborate with internal stakeholders, including 1st, 2nd and 3rd lines of defense personnel, legal, and IT teams, to establish robust fraud prevention policies and procedures. 
• Stay abreast of industry best practices and emerging technologies to enhance fraud prevention capabilities continuously. 
• Prepare detailed reports and presentations on fraud trends, incidents, and mitigation efforts for senior management and regulatory authorities. 
• Maintain accurate documentation of fraud incidents, investigations, and resolutions in compliance with regulatory requirements and internal policies. 
• Provide training and support to employees on fraud awareness, detection techniques, and reporting. 
• Raise awareness of fraud risks and prevention measures across the organization through regular communications and educational initiatives.

Qualifications

Educational & Professional Qualifications:

• Bachelor’s degree in accounting, business administration, risk management, data analytics or IT. 
• Experience in data analytics and knowledge of programming languages. 
• Professional certifications such as Certified Fraud Examiner (CFE) will be an added advantage. 

Competencies:

• Proven experience in fraud detection, risk analysis, or investigative roles within the financial services industry or a similar sector. 
• Strong analytical skills with the ability to interpret complex data sets and identify meaningful insights. 
• Proficiency in data analysis tools and techniques, such as SQL, SAS, Python, or R. 
• Excellent communication skills, with the ability to articulate complex concepts clearly and concisely. 
• Strong attention to detail and a commitment to maintaining the highest standards of accuracy and integrity. 
• Ability to work effectively both independently and collaboratively in a fast-paced, dynamic environment.