About this role
Key Responsibilities:
• Regulatory and Standards Management: Proactively monitor, interpret, and analyze evolving local and international regulatory requirements and industry standards relevant to information security, including but not limited to [Specify relevant regulations like GDPR, PCI DSS, ISO 27001, sector-specific regulations applicable in Rwanda]. Ensure the organization's policies, procedures, and practices are aligned with these obligations.
• Audit and Assessment Management: Plan, coordinate, and manage all internal and external information security audits and assessments. This includes preparing audit materials, facilitating the audit process, documenting findings, and tracking remediation efforts to ensure timely and effective resolution of identified gaps.
• Policy and Procedure Development: Contribute to the development, review, and maintenance of robust information security policies, standards, procedures, and guidelines. Ensure these documents are clearly articulated, effectively communicated, regularly updated, and aligned with both regulatory requirements and industry best practices.
• Compliance Monitoring and Enforcement: Establish and implement mechanisms for ongoing monitoring of compliance with relevant regulations, standards, and internal policies. Identify and address instances of non-compliance, working collaboratively with relevant departments to implement corrective and preventative actions.
• Risk and Control Management: Participate in information security risk assessments, providing expert guidance on compliance requirements and recommending appropriate security controls to mitigate identified risks. Monitor the implementation and effectiveness of these controls.
• Training and Awareness: Develop and deliver targeted training and awareness programs on information security compliance requirements and best practices for employees across the organization. Foster a culture of security awareness and accountability.
• Reporting and Communication: Prepare regular and ad-hoc reports on the organization's compliance posture for senior management and relevant stakeholders. Communicate effectively on compliance-related matters and provide expert advice on navigating the regulatory landscape.
• Stakeholder Engagement: Liaise with internal stakeholders (e.g., Legal, IT, Business Units) and external entities (e.g., auditors, regulatory bodies) on compliance-related matters.
Key relationships:
Internal:
• All departments
________________________________________
Who We’re Looking For:
Qualifications & Experience
• Bachelor’s degree in information security or computer science.
• Minimum of 4 years of demonstrable experience in information security compliance management, preferably within [NBR Cybersecurity regulation, BCM regulation, Data protection Law and outsourcing regulation].
• Proven understanding of relevant local and international regulations and standards (e.g., data protection laws in Rwanda or GDPR, (it will be an added advantage if they have experience in the implementation of ISO 27001, ISO27701 and PCIDSS).
• Experience in managing and participating in security audits (internal and external).
• Strong analytical, problem-solving, and communication (both written and verbal) skills.
• Ability to interpret complex legal and regulatory requirements and translate them into practical security controls and guidance.
• Professional certifications such as CISA, CISM, CRISC, or relevant legal/compliance certifications are highly desirable.
Fluent in English; French proficiency is an advantage
________________________________________
What You’ll Get
• An inclusive and growth-driven workplace.
• Regional exposure and career development opportunities.
• Performance-based incentives and a supportive team culture.
• The chance to make a meaningful contribution to Rwanda’s corporate banking space.
________________________________________
To Apply
Submit your application by February 6th, 2026, by 6:00PM via our career portal.
________________________________________
Diversity, Equity & Inclusion Commitment
Ecobank is committed to providing equal opportunities to all and fostering an inclusive and diverse workplace. To this end, we encourage applications from individuals regardless of their nationality, race, gender, age, social class, religion, beliefs, and disability while fully adhering to the local laws and regulations established where Ecobank operates. Women are strongly encouraged to apply. We ensure fair treatment and equal opportunity at every step of our recruitment process.
________________________________________
Recruitment Integrity
• Only shortlisted candidates will be contacted.
• Employment is conditional upon successful background checks and verification.
• All offers of employment are subject to satisfactory references.