Data Protection And IT Risk Manager
Equity Bank Rwanda | Post type: jobs September 16, 2025 - Deadline 22/09/2025 | NumberOfPosition [1]

CAREER OPPORTUNITIES AT EQUITY BANK.

Equity Bank is one of the region’s leading Banks whose purpose is to transform the lives and livelihoods of the people of Africa socially and economically by availing them modern, inclusive nancial services that maximize their opportunities. With a strong footprint in Kenya, Uganda, Tanzania, Rwanda, DRC and South Sudan, Equity Bank is home to more than 20 million customers – the largest customer base in Africa. Currently the Bank is seeking additional talent to serve in the role outlined below. General Information about the opportunity

Job Title: Data Protection and IT Risk Manager

Department: Risk Management

Reports to: Head of Risk

Job Purpose

The Data Protection and IT risk Manager will be responsible for overseeing the Bank’s data protection strategy, IT risk strategy and their implementation to ensure compliance with Data Protection Laws in the country and ensure IT risk is managed well. The role will work closely with Leadership of IT Security, Legal, Risk and Compliance functions.

Key Responsibilities and Accountability

• Inform and advise Equity Bank of their obligations pursuant to the Data Protection Laws.
• Monitor compliance with the Data Protection Laws and with the policies of the data controller or data processor in relation to the protection of personal data, including the assignment of responsibilities, awareness-raising and training of sta involved in personal data processing operations, and the related audits.
• Provide advice where requested as regards the data protection impact assessment and monitor its performance.
• Cooperate with the supervisory authority and to act as its contact point on issues relating to processing of personal data, including the prior consultation with the supervisory authority, and to consult, where appropriate, with regard to any other matter.

• Implementing measures and a privacy governance framework to manage data handling and use in compliance with the privacy laws that Equity bank has to be compliant with.
• Working with key internal stakeholders in the review of projects to ensure compliance with local data privacy laws, and where necessary, complete and advise on privacy impact assessments
• Serving as the primary point of contact for queries in the business in regards to data Protection and Privacy.
• Reviewing Equity vendor contracts and consents needed to implement projects in partnership with the Bank’s Legal and Information Security functions, and ensuring ling requirements with local regulator are achieved
• Ensure fullment data Subject rights arising from the various touch points the bank has with the customer.
• Developing policies, standards and procedures that align to the requirements set out in the GDPR, Data Protection Act and any localization requirements in countries of operation
• Collaborating with the Information Security function to raise employee awareness of data privacy and security issues, and providing training on the subject matter in the bank.
• Monitoring performance and providing advice on the impact of data protection efforts across the bank.
• Maintaining comprehensive records of all data processing activities conducted by the bank including the purpose of all processing activities, which must be made public on request.
• Interfacing with Equity Bank customers to inform them about how their data is being used, their Rights and what measures the company has put in place to protect their personal information.
• Collaborating with the Bank’s Information Security and Legal functions to maintain records of all data assets, ensure data classication and maintaining a data security incident management plan to ensure timely remediation of incidents, security breachs, complaints and claims
• Conduct risk assessment related to data handling and ensure the risk register is in place and and updated.
• Serve as the chief point of contact for our Technology Risk Management & Information Security team.
• Provide support for reviewing technology initiatives with reputational risks and red ags identied during dened intake procedures.
• Assist in the denition of the client’s technology risk appetite statements and monitor Key Risk Indicators (KRIs) against our technology risk appetite.
• Prepare the Technology Risk Management & Information Security line of business Technology Risk report and track actions to reduce technology risk.
• Assist with the Technology Risk reporting operations, including scheduling key monthly meetings, monitoring key milestones, escalation of past due activities, problem triage and management, and archiving key monthly artifacts for audit purposes.
• Develop on-going technology risk reporting, monitoring key trends and defining metrics to regularly measure control eectiveness for own area.
• Adhere to internal policies and procedures, technology control standards, and applicable regulatory guidelines.
• Contribute to the review of internal processes and activities and assist in identifying potential opportunities for improvement.
• Adhere to, advise, oversee, monitor and enforce enterprise frameworks and methodologies that relate to technology controls / information security activities.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the bank

Key Critical Competence Behavioural Skills

• Critical thinking and Problem-solving skills with the ability to analyze complex information to identify the key issue/action and drive resolution.
• Excellent organizational skills with attention to detail.
• Excellent interpersonal and communications skills, both orally and in written
• Ethical and moral skills
• Have good personal values Technical skills
• Knowledge and understanding of modern risk management standards, frameworks and practices
• Knowledge of national and international regulatory environments and key regulatory regimes
• Understanding of the national nancial industry and business environement.
• Risk intelligence (critical thinking, creativity, and curiosity, research, surveys, interviews, brainstorming, and scenario planning, analysis emerging risk, forward looking )
• Risk ethics (risk culture, risk appetite, risk governance, and risk accountability
• Risk communication (communications skills, good listener, team player, positive attitude is a must , reports preparation, dashboard, presentation and communication about identied risk and control to be implemented)
• Risk intelligence (critical thinking, creativity, and curiosity, research, surveys, interviews, brainstorming, and scenario planning, analysis emerging risk, forward looking )
• Risk ethics (risk culture, risk appetite, risk governance, and risk accountability)
• Knowledge and experience of best practice Governance, Risk management and Compliance frameworks and methodologies
• Excellent analytical, statistical and math skills with the ability to interpret vast amounts of performance data and be an IT literate
• Strong understanding of IT coding, IT information security assessment, IT risk management
• Interpret the Vulnerability assessment report and penetration Testing report
• Ability to test Incident response plan
• Ability to conduct IT risk assessment and provide recomendation on identied loopholes
• Ability to evaluate the IT environment and assess control in place and suggest any improvement
• Ability to assess adequacy of information security tool

Qualifications:

• A bachelor’s degree with Second Class upper-level majoring in IT and information security
• Minimum of 5 years’ experience in banking, especially in IT risk management.
• Expert knowledge of IT security and risk disciplines and practices
• Professional qualification in IT Risk Management and Data protection risk management is a MUST to have (Certified in information system audit, Data protection certified, etc….)
• Able to operate in a performance driven organization and culturally aware and adept at working within multicultural settings
• Attended Leadership training

If you meet the above requirements, submit your application quoting the job opportunity you are applying for as subject of your email through the email address below by 22nd September 2025.

Please include detailed Curriculum Vitae, copies of the relevant certicates, testimonials, and daytime telephone contact and email address.

Only short-listed candidates will be contacted.

Email to: jobsrwanda@equitybank.co.rw

Equity Bank is an equal opportunity employer. We value the diversity of individuals, ideas, perspectives, insights, values and what they bring to the workplace.

You Might Also Like

Internal Auditor at Society for Family September 16, 2025

Project Activity Coordinator at Societ September 16, 2025