Equity Bank Limited – Head of Cyber Risk & Red Team.

All jobs > Equity Bank Limited – Head of Cyber Risk & Red Team.
This job has been expired

Get a free C.V. review by sending your C.V. to submitcv@careerassociated.com or click the following link. Submit C.V.! use the subject heading REVIEW.

IMPORTANT: Read the application instructions keenly, Never pay for a job interview or application.

Click the Link Below to Get Targeted Job Updates

Sign Up For Targeted Job Updates Here

Head of Cyber Risk & Red Team – ()


Equity Bank is one of the region’s leading banks whose purpose is to transform the lives and livelihoods of the people of Africa socially and economically by availing them modern and inclusive financial services that maximize their opportunities. With a strong footprint in Kenya, Uganda, Tanzania, Rwanda, South Sudan and DRC Congo, Equity Bank is now home to over 12 million customers – the largest customer base in Africa. Currently the Bank is seeking additional talent to serve in the role outlined below.

The CISRO Function

The Group Chief Information Security Risk Officer (CISRO) function is instrumental in protecting and ensuring the resilience of Equity Group’s data and IT systems by managing information, cybersecurity, and IT risk across the enterprise. As a critical function reporting into the Group Chief Risk Officer (CRO), the CISRO function serves as the second line of defence for assuring ICS controls are implemented effectively and in accordance with the Risk Framework and for instilling a culture of cyber security within the Bank. The Group CISRO is responsible for ICS governance, strategy, policy, risk assessments, industry partnerships, and regulatory engagement. The Office of the CISRO is central to ensuring the Bank’s ability to meet its ICS commitments to internal and external stakeholders, including regulators, as well as maintaining an acceptable ICS risk profile that is regularly reported to the Board.

The Role

This Head of Cyber Risks & Red Team role is highly technical and challenging with opportunities to lead a team that will have a meaningful impact. The is expected to possess a deep understanding of both information security and information technology and should understand concepts including computer networking, web and native application functionality, operating system functionality, cloud services, corporate network environments and operations. He should be able to learn advanced concepts such as endpoint protection evasion, covert operations, and tailored exploit development.

The role leverages previous threat intelligence, and Red Team experience. This may involve delivering Threat Intel-led Red Team exercises, preparing a red team lab infrastructure, developing social engineering test campaigns and the associated collateral, executing phishing campaigns and attempting to compromise internet-facing systems, conducting privilege escalation and lateral movement within the group’s networks, hunting for objectives with little-to-no information provided at hand and attempting to exfiltrate data from the network;  all while avoiding detection from the bank’s security operations teams. The role will require you to perform exploits at scale while remaining stealthy, identify and exploit misconfigurations in the corporate infrastructure, quickly and effectively parse data, present relevant data in a digestible manner, think well outside the box.

At EGHL, you’ll be faced with complex problem-solving opportunities and hands-on technical opportunities on a daily basis to protect the Group’s most sensitive and valuable data through comprehensive and real-world scenario emulation, based off of the most up-to-date threat intelligence. You are expected to quickly assimilate new information, understand all the threat vectors in the group’s control environment and properly assess them. You will also be expected to create a team of red teamers and develop new skills as you progress


  • Responsible for the establishment of the group’s internal second line of defense red teaming capability to enable targeted testing of the group’s environment as well as effective follow up of vulnerability remediations.
  • Perform red team assessments with purple team support, assumed breach assessments, ransomware readiness reviews (assessing susceptibly to modern ransomware threats), threat analysis and social-engineering assessments.
  • Perform external/internal/cloud/wireless network assessments, web and mobile application testing, source code reviews, network security and IT architecture reviews.
  • Define relevant key performance indicators and metrics for measuring the maturity of the Group’s security posture from red-teaming and cyber security assurance activities
  • Provide both subject matter expertise and project management experience to serve as the “point person” for engagements and where required, supervise the scoping of prospective engagements by external vendors, participating in engagements from kickoff to completion.
  • Interface with the relevant internal and external teams to clarify and provide support to address concerns, issues, or escalations; track and drive to closure any issues that impact the service and its value to the bank’s customers
  • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
  • Oversee and manage implementation improvements to the group’s business processes, methodologies, tools, and client communication methods
  • Provide expert experience building information, cybersecurity and it risk programs to include hands-on implementation and/or assessment of relevant controls
  • Provide necessary support in investigations, cyber forensic investigation and root cause analysis when required.
  • Use formal project management skills in planning, tracking, and reporting on project progress


  • Provide assurance that the first line implements controls to comply with applicable laws and regulations and escalate significant policy and regulatory non-compliance matters and developments to the Group CISRO;
  • Support the Testing and Assurance team, based thematic reviews, stress tests, regulatory submissions, and Internal and external audit reviews;
  • Establish and maintain strong relationships with identified stakeholders and understand their strategic goals to ensure ICS alignment
  • Assist with the articulation of the value of ICS controls and their bottom-line impact;
  • Represent EGHL in internal and external meetings where required;

Risk Management

  • Lead all red team assessments and management of ICS risks and reporting outcomes within EGHL and the individual subsidiaries;
  • Highlight gaps or control weaknesses against security controls and standards, raising concerns to the CISRO and relevant forums;
  • Provide recommendations and feedback based on ICS testing and assurance experience within EGHL and the subsidiaries;
  • Provide input into Group wide ICS assessments, reporting, and strategies

People and Talent

  • Lead through example and help to create the appropriate culture and values.
  • Work in collaboration with risk and control partners.
  • Work collaboratively with the CISRO Team
  • Effective staff management to achieve operational objectives
  • Agility to manage and balance own time among multiple tasks, and lead junior staff when required
  • Uphold and reinforce the independence of the second line ICS Risk function.
  • Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across EGHL. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct.
  • Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters.

Key Stakeholders

  • Group Chief Risk Officer and other senior Risk management teams,
  • Group CISRO, Head of IT and Cyber Security, Group Directors, Group CISO and other senior management
  • IT Operations risk management and cloud governance heads and teams
  • Group Internal Audit and other Business stakeholders 

 Ideal Candidate

  • Bachelor’s degree in Computer Science, Information and Cyber Security, Technology or equivalent
  • Minimum of 7 years of relevant in information security or risk management, preferably in Banking and Financial sector, with 5 years hands-on experience in penetration testing red teaming and information assurance assessments
  • Minimum of at least a CISSP, CISA, CISM or CRISC (at least one) certification
  • Consistently able to demonstrate or articulate value proposition
  • Prior positive interaction with C-level executives or senior executive personnel
  • Candidates will also have one or more of the following
  1. Licensed Penetration Tester (LPT)
  2. Offensive Security Certified Expert (OSCE)
  3. Offensive Security Evasion Techniques and Breaching Defences (OSEP)
  4. Offensive Security Advanced Windows Exploitation (OSEE)
  5. SANS Penetration Testing and Ethical Hacking / Purple Team certifications
  • Red team operations and purple team delivery, including adversary emulation
  • Operation of common command and control solutions
  • Network penetration testing and manipulation of network infrastructure
  • Shell scripting or automation of simple tasks using common scripting languages
  • Developing, extending, or modifying exploits, shellcode, or exploit tools
  • Technical report writing and documentation of red team testing activities
  • Presentation of technical details to both a technical and executive audiences
  • Windows, Linux, Unix and/or Mac operating systems including bash and PowerShell
  • Experience in at least four of the following
  1. Email, phone, or physical social-engineering assessments
  2. Reverse engineering malware, data obfuscators, or ciphers
  3. Thorough understanding of network protocols, data on the wire, and covert channels
  4. Threat intelligence analysis
  5. System administration of corporate environments and networking
  6. Systems exploitation
  7. Offensive security project management
  8. Source code review for control flow and security flaws
  9. Strong knowledge of tools used for wireless, web application, and network security testing
  10. Mobile and/or web application assessments
  11. Technical incident response processes and engagements
  • Ability to both assess priorities and to focus on work in a structured fashion which delivers results
  • Sound judgement and anticipation
  • Strong integrity, independence, and resilience 


Closing Date

Aug 13, 2022