Equity Bank Kenya is seeking a Group Head for Identity & Access Management (IAM) to provide strategic leadership and operational oversight for the bank's identity governance functions. The role is responsible for refining and executing a group-wide IAM strategy and roadmap that aligns with business objectives, regulatory frameworks, and the broader cybersecurity strategy. This position involves leading a multi-country IAM structure, managing cross-border teams, and overseeing the integration of IAM controls with HR systems, core banking platforms, and cloud services.
Key Responsibilities
- Strategy & Governance: Refine and execute the Group-wide IAM strategy and roadmap, aligning with business objectives and the Group’s cybersecurity strategy. Ensure IAM and PAM remain critical business enablers while reducing risk.
- Operational Leadership: Lead a multi-country IAM structure, managing cross-border teams, vendors, and system integrators. Oversee the end-to-end Joiner-Mover-Leaver lifecycle across all entities.
- Integration & Automation: Integrate IAM controls with HR systems, core banking platforms, Active Directory, cloud services, and third-party fintech partners to deliver automated identity workflows.
- Platform Management: Own the configuration, customization, and scaling of the Group’s IGA platform (e.g., SailPoint). Prioritize onboarding of critical applications (core banking, payments, SWIFT, treasury, etc.).
- Privileged Access Management (PAM): Define and lead the Group PAM strategy to secure administrator, root, and other privileged accounts. Implement Just-in-Time (JIT) provisioning and session monitoring.
- Compliance: Ensure compliance with diverse regulations including central bank guidelines, GDPR, PCI-DSS, ISO 27001, and local data-protection laws across all operating countries.
- Reporting: Present regular updates to executive committees, boards, and regulators on IAM posture, risks, and performance.
Qualifications and Experience
- Education: Bachelor’s degree in Computer Science, Information Security, or related field; Master’s preferred.
- Certifications: CISSP, CRISC, and CCSP are required.
- Experience: 12+ years of information security experience, with at least 5 years leading enterprise IAM programs in banking, financial services, or similarly regulated industries.
- Technical Expertise: Hands-on expertise with leading IGA platforms (e.g., SailPoint, Saviynt, Oracle) and PAM tools (e.g., CyberArk, BeyondTrust, Delinea).
- Standards Knowledge: Strong understanding of RBAC/ABAC/SoD models and identity federation protocols (SAML, OAuth, OIDC).
- Regulatory Knowledge: Deep knowledge of compliance frameworks such as PCI-DSS, ISO 27001, SOX, and GDPR.
Skills & Competencies
- Expert in IAM frameworks and access governance across multiple subsidiaries.
- Skilled in data-driven decision-making, reporting, and risk management.
- Strong executive presence and stakeholder management.
- Proven ability to drive complex programs and change initiatives.