• Application Deadline: Sun, 11 Jan 2026 00:00:00 GMT
• Position: Information Security Compliance Officer



• Job Type Full Time



• Qualification BA/BSc/HND



• Experience 3 - 6 years



• Location Lagos




• City Surulere




• Job Field Security / Intelligence 
  
  

Role Overview

• The Security Compliance and Audit Specialist will drive enterprise-wide compliance initiatives by ensuring adherence to ISO standards, global data protection laws, and internal governance frameworks. The role is responsible for conducting audits, performing gap assessments, maintaining compliance documentation, and collaborating with cross-functional teams to strengthen the organisation’s security posture.

Key Responsibilities

Security Compliance Management

• Lead implementation and maintenance of ISO 27001, ISO 27701, ISO 22301, and related standards.


• Develop, maintain, and audit ISMS documentation.


• Conduct risk assessments, controls evaluation, and compliance reporting.


• Ensure organisation-wide alignment with policies and procedures.

Data Protection Governance

• Ensure compliance with GDPR, NDPR, DPDP, and other privacy regulations.


• Maintain RoPA and Data Flow Diagrams.


• Support DPIA and vendor privacy assessments.


• Collaborate with the Data Protection Officer to resolve privacy gaps.

Internal and External Audit Execution

• Plan and perform internal audits for security and IT controls.


• Support external audits conducted by regulators and certification bodies.


• Prepare audit evidence, reports, and maturity dashboards.


• Ensure timely remediation of audit findings.

Governance, Risk, and Compliance (GRC)

• Maintain risk registers and compliance matrices.


• Align controls with NIST CSF, CIS, PCI DSS, and internal frameworks.


• Conduct third-party risk assessments.


• Collaborate with IT, HR, Legal, and Business units to ensure compliance.

Awareness and Training

• Conduct training on information security and data privacy.


• Lead phishing and DLP awareness programs.


• Support development of SOPs, policies, and security playbooks.

Required Skills & Competencies

• Strong understanding of ISO 27001, ISO 27701, ISO 22301, CIS, NIST, PCI DSS.


• Hands-on knowledge of GDPR, NDPR, DPDP, and privacy frameworks.


• Experience with GRC tools (ServiceNow, Archer, OneTrust, etc.).


• Strong documentation, analytical, and communication skills.


• Ability to translate regulations into actionable controls.


• Familiarity with cloud and IT security technologies.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field.


• Relevant certifications: ISO 27001 Lead Auditor/Implementer, CISA, CISM, CDPSE, ISO 27701 (preferred).


• 3–6 years of experience in security compliance, audit, or privacy governance.