Description
- Define and implement processes and technologies for threat and vulnerability management, threat and risk assessment, and metrics supporting our information security program’s health and performance.
- Coordinates Penetration Testing activities with third-party vendors and lead security assessments to help gauge how ongoing change management in our environment may expose us to internal or external risks.
- Understand end-to-end informational and data processes and flows, and works to protect the security, availability, integrity, confidentiality, and privacy of the data.
- Manage the team to design, build and implement reporting solutions which meet client and user requirements
- Bring greater standardization of methodologies, measures, visualizations and delivery tools for all reporting deliverables
- Understand and evaluate relevant IT & Cyber risks and controls designed to mitigate these risks to a level acceptable by IT management
- Conduct controls testing activities in areas such as Incident Management, Disaster Recovery, Change Management, Cryptography, Network Security and Identity & Access Management
- Lead and coordinate activities relating to risk management, raising awareness and helping further develop the organization’s risk culture.
- Responsible for managing projects and monitoring the quality of work performed on IS and security related engagements, including actively participating in the budget cycle, forecasting, monitoring and tracking functional and divisional expenditure
- Implement and maintain GRC policies and procedures based on ISO 27001 standard.
- Ensure that the Information Security Strategy is meeting the security and privacy needs of internal and external customers.
- Manage the creation, design and documentation of related processes and procedures to support the company to reduce risk and vulnerability exposure.
- Provide leadership, guidance, and management of the Cybersecurity and IT Assurance Audit Team, including building individual development plans and performance reviews.
Education:
- Bachelor’s in Engineering (B.Eng.)/BSc. Computer Science
- Relevant certifications such as CCSP, CISSP, CISA, SSCP, CISM and CASP+
- Fluent in English
Experience:
- 9 – 17 years’ experience which includes;
- Minimum 5 years’ experience in internal audit (specifically in cybersecurity, network and Technology audits), with experience in supervising others advantageous
- Minimum of 2 years in an information security team leadership position
- Prior experience working in financial services, or other regulated or critical infrastructure sectors is preferred
- Experience with major audit firm as advantage
- Extensive knowledge of cybersecurity frameworks such as NIST CSF
- Extensive knowledge of compliance frameworks such as SOC, ISO, COBIT, and CMMC
- Knowledge of technical infrastructure, operating systems, networks, databases, and systems as they relate to IT Security and IT Risk.
- Proficiency in Microsoft Office suite applications with specific emphasis on Word, Excel, Power Point and Projects.
How to Apply
Interested and qualified? Go to MTN Nigeria on ehle.fa.em2.oraclecloud.com to apply