We are seeking a skilled professional to oversee governance and policy frameworks, ensuring alignment with organizational objectives and regulatory requirements. This role involves developing, implementing, and monitoring policies to mitigate risks and enhance operational efficiency. The ideal candidate will have a strong background in governance principles, compliance, and strategic planning, with the ability to collaborate across departments to drive cohesive policy execution. Responsibilities include drafting governance documents, conducting policy reviews, and advising leadership on best practices to foster a culture of accountability and transparency. Proficiency in policy analysis, stakeholder engagement, and change management is essential for success in this position.
Responsible for the creation, evaluation, and ongoing management of information security policies, standards, procedures, and guidelines.
Align efforts with established frameworks and industry standards, such as ISO/IEC 27001, PCI DSS, and the CBN Cybersecurity Framework, to maintain compliance and best practices.
Establish comprehensive frameworks for security governance, delineating clear structures, roles, and decision-making mechanisms to ensure robust oversight and alignment with organizational objectives.
The role encompasses the identification, assessment, and mitigation of potential risks to ensure organizational stability and compliance with regulatory standards. Key responsibilities include developing and implementing risk management frameworks, conducting thorough risk evaluations, and devising strategies to minimize exposure to financial, operational, and strategic threats. This position requires a strong analytical mindset, proficiency in risk assessment tools, and a deep understanding of industry-specific regulations. Candidates must possess excellent problem-solving abilities, meticulous attention to detail, and the capacity to communicate complex risk scenarios effectively to stakeholders. A background in finance, business administration, or a related field, along with relevant certifications such as FRM or PMP, is highly preferred.
Conduct comprehensive enterprise information security risk assessments and develop detailed risk treatment plans to mitigate identified vulnerabilities and threats.
Maintain the security risk register while systematically tracking remediation activities to ensure comprehensive oversight and accountability.
Provide strategic guidance to business units regarding risk acceptance, mitigation, transfer, or avoidance strategies.
Ensures adherence to compliance standards and regulatory requirements through systematic assessment and verification processes. Develops and implements policies, procedures, and controls to mitigate risks and maintain organizational integrity. Conducts regular audits, inspections, and reviews to identify gaps and ensure operational alignment with legal and industry-specific mandates. Collaborates with cross-functional teams to foster a culture of compliance, providing guidance and training to mitigate potential violations. Monitors changes in regulations, interprets their impact on business operations, and recommends necessary adjustments to policies and procedures. Serves as a liaison with regulatory bodies, addressing inquiries and facilitating inspections to uphold organizational compliance posture.
Ensure adherence to all relevant legal, regulatory, and contractual obligations, including the Nigeria Data Protection Regulation (NDPR), the Central Bank of Nigeria’s Cybersecurity Framework, the Payment Card Industry Data Security Standard (PCI DSS), and ISO 27001.
Oversee the planning and execution of both internal and external audits, evaluations, and certification processes.
Monitor and resolve audit findings and compliance discrepancies in a timely and effective manner.
We are seeking a skilled professional to oversee metrics, reporting, and assurance functions, ensuring accuracy, compliance, and strategic insights. The ideal candidate will develop and maintain robust reporting frameworks, analyze performance data, and provide actionable recommendations to drive operational excellence. Responsibilities include validating data integrity, ensuring regulatory adherence, and collaborating with cross-functional teams to enhance transparency and accountability. Strong analytical abilities, meticulous attention to detail, and proficiency in data visualization tools are essential. Experience in assurance practices and a commitment to continuous improvement are critical for success in this role.
Establish and oversee security governance key performance indicators (KPIs), key risk indicators (Kris), and executive dashboards to ensure alignment with organizational objectives and regulatory standards.
Compile and present comprehensive security posture reports tailored for presentation to management, risk committees, and external auditors.
Facilitate reporting to the board and executive leadership on information security matters.
Third-party and vendor security governance encompasses the strategic oversight and management of security risks associated with external partners and suppliers. This role involves establishing robust frameworks to assess, monitor, and mitigate vulnerabilities introduced through third-party engagements. Key responsibilities include conducting thorough security evaluations of vendors, ensuring compliance with organizational security policies and industry regulations, and maintaining continuous oversight of third-party risk exposures. Effective governance requires collaboration with cross-functional teams to align security practices, address identified gaps, and enforce contractual obligations pertaining to cybersecurity. The position demands expertise in risk assessment methodologies, familiarity with regulatory requirements such as GDPR or HIPAA, and strong communication skills to articulate security expectations and remediation plans to stakeholders.
Facilitate the execution of third-party security risk evaluations and due diligence procedures.
Evaluate the security measures implemented by suppliers and analyze the contractual security provisions to ensure compliance and mitigate risks.
Evaluate and ensure continuous adherence to regulatory standards by key suppliers.
Demonstrating a commitment to ongoing enhancement and proactive learning is essential for driving measurable progress and operational excellence. This role requires an unwavering dedication to identifying opportunities for growth, refining processes, and implementing sustainable solutions to elevate performance standards. Success hinges on a forward-thinking mindset, adaptability to evolving challenges, and the ability to translate insights into actionable strategies that foster long-term improvement.
Facilitate the development and delivery of security awareness training programs and enforce adherence to established security policies.
Track updates in regulations and evolving governance practices to ensure ongoing compliance and alignment with industry standards.
Enhance governance and control frameworks to foster ongoing advancement in maturity levels.
Seeking a highly organized and detail-oriented individual to oversee daily operations with exceptional accuracy and efficiency. The ideal candidate will possess strong analytical skills, proficiency in data management systems, and the ability to multitask in a fast-paced environment. Requirements include a minimum of three years of experience in a similar role, a bachelor’s degree in business administration, finance, or a related field, and advanced proficiency in Microsoft Office Suite, particularly Excel. Additionally, excellent communication abilities, both written and verbal, and a commitment to maintaining strict confidentiality are essential. Experience with project management tools and prior supervisory responsibility are highly desirable.
A bachelor’s degree in Information Security, Computer Science, Information Technology, or a comparable discipline is required.
A minimum of five to nine years of hands-on experience in information security governance, risk, and compliance (GRC) is required.
Seeking candidates with practical expertise in deploying or overseeing security frameworks, including ISO 27001, the CBN Cybersecurity Framework, NDPR, and PCI DSS.
Possesses a solid grasp of various risk management approaches and established control frameworks.
Proven track record in conducting audits, performing compliance reviews, and ensuring adherence to regulatory standards.
Professional experience with security tools and platforms that facilitate governance and compliance initiatives is required.
Proficiency in the financial services, fintech, or telecommunications sectors would be beneficial.
Qualifications
BA/BSc/HND
Experience Required
5 - 9 years
