The position involves overseeing governance frameworks and ensuring adherence to established policies, with a focus on maintaining regulatory compliance and operational integrity. Key responsibilities include developing, implementing, and monitoring governance structures, as well as reviewing and updating policies to align with evolving business needs and regulatory requirements. The role requires strong analytical skills, meticulous attention to detail, and the ability to interpret complex regulations. Additionally, the position demands effective communication to collaborate with stakeholders and leadership in driving policy adoption and governance best practices.
Develop, evaluate, and uphold information security policies, standards, procedures, and guidelines to ensure robust protection of organizational assets.
Ensure adherence to established frameworks and regulatory standards, including ISO/IEC 27001, PCI DSS, and the CBN Cybersecurity Framework.
Establish clear security governance frameworks, delineate roles and responsibilities, and implement structured decision-making processes.
Analyzes and mitigates potential risks to safeguard organizational assets and ensure operational resilience through systematic assessment and strategic planning. Implements comprehensive risk frameworks, identifies emerging threats, and develops tailored mitigation strategies to minimize financial, operational, and reputational exposures. Conducts thorough risk evaluations, monitors risk indicators, and provides data-driven recommendations to senior leadership to support informed decision-making. Collaborates with cross-functional teams to integrate risk management practices into business processes, ensuring compliance with regulatory standards and internal policies. Maintains accurate documentation of risk assessments, tracks mitigation progress, and reports key risk metrics to stakeholders.
Conduct enterprise-level information security risk assessments and develop corresponding risk treatment plans.
Oversee the security risk register and monitor remediation efforts to ensure timely resolution of identified risks.
Recommend strategies to business units for accepting, mitigating, transferring, or avoiding risks.
Ensures adherence to applicable laws, regulations, and internal policies while mitigating risks associated with non-compliance. Develops, implements, and monitors compliance frameworks to uphold organizational integrity and operational efficiency. Conducts thorough assessments, audits, and investigations to identify areas of concern and recommend corrective actions. Collaborates with cross-functional teams to foster a culture of compliance and provide guidance on regulatory requirements. Maintains up-to-date knowledge of evolving laws and industry standards to ensure the organization remains compliant and competitive.
Ensure adherence to all relevant legal, regulatory, and contractual obligations, including the Nigeria Data Protection Regulation (NDPR), the Central Bank of Nigeria’s Cybersecurity Framework, the Payment Card Industry Data Security Standard (PCI DSS), and the ISO 27001 standard.
Ensure seamless orchestration of internal and external audits, evaluations, and compliance certifications, maintaining alignment with established standards and regulatory requirements.
Monitor and resolve audit findings and compliance deficiencies to ensure adherence to regulatory standards and internal policies.
We are seeking a professional to oversee metrics, reporting, and assurance functions, ensuring accuracy, compliance, and strategic insights. The role involves developing and maintaining robust reporting frameworks, analyzing key performance indicators, and validating data integrity. Additionally, the position requires collaborating with cross-functional teams to enhance transparency and support data-driven decision-making. Strong analytical skills, proficiency in data visualization tools, and a keen attention to detail are essential for success in this role.
Establish and sustain key metrics for security governance, including KPIs, Kris, and interactive dashboards.
Compile and present comprehensive security posture reports for review by senior management, risk committees, and external auditors.
Provide board-level and executive reporting on information security matters to ensure informed decision-making and strategic alignment.
Dedicated to overseeing and maintaining robust security governance for third-party vendors and external partners, this role ensures that all contractual and regulatory obligations are consistently met. The position involves establishing and enforcing security standards, conducting thorough risk assessments, and monitoring compliance across all vendor relationships. Additionally, it requires regular audits, incident response coordination, and continuous improvement of security frameworks to mitigate potential threats and enhance overall resilience. Strong analytical skills, meticulous attention to detail, and expertise in security governance principles are essential for success in this critical function.
Conduct third-party security risk evaluations and due diligence procedures to ensure comprehensive risk mitigation and compliance adherence.
Review supplier security controls and contractual security clauses.
Monitor ongoing compliance of critical vendors.
We are committed to fostering a culture of awareness and driving continuous improvement through proactive learning and adaptability. Employees are expected to stay informed about industry trends, emerging technologies, and evolving best practices to enhance performance and contribute meaningfully to organizational growth. This role requires a willingness to embrace feedback, identify areas for development, and implement strategic enhancements to optimize workflows and outcomes. Strong analytical skills, a solutions-oriented mindset, and a dedication to measurable progress are essential for success in this position.
Facilitate and oversee the development, implementation, and delivery of security awareness and policy training programs to ensure compliance and foster a culture of cybersecurity awareness across the organization.
Observe and stay abreast of regulatory updates and evolving governance developments.
Enhance the maturity of governance and control frameworks through ongoing, systematic advancements.
Must have a Bachelor’s degree in Computer Science, Software Engineering, or a related field. Minimum of 3 years of professional experience in software development. Proficiency in programming languages such as Java, Python, or C++. Experience with relational databases (e.g., MySQL, PostgreSQL) and NoSQL databases. Strong problem-solving skills and ability to work in a fast-paced environment. Excellent communication skills for collaborating with cross-functional teams. Familiarity with Agile methodologies and version control systems (e.g., Git). Demonstrated ability to design, develop, and deploy scalable software solutions.
A bachelor’s degree in Information Security, Computer Science, Information Technology, or a closely related discipline is required.
A minimum of five to nine years of hands-on experience in information security governance, risk management, and compliance (GRC) is required.
Proven expertise in the deployment and oversight of security frameworks, including ISO 27001, the CBN Cybersecurity Framework, NDPR, and PCI DSS, is essential.
Demonstrates a solid grasp of risk management principles and control frameworks.
Proven expertise in conducting audits, executing compliance reviews, and ensuring adherence to regulatory requirements is essential.
Understanding of security tools and platforms that facilitate governance and compliance functions is required.
Proficiency in financial services, fintech, or telecommunications would be particularly beneficial.
Qualifications
BA/BSc/HND
Experience Required
5 - 9 years
