• Application Deadline:
• Position: Chief Information Security Officer (Financial Institution)



• Job Type Full Time



• Qualification BA/BSc/HND , MBA/MSc/MA



• Experience 10 years



• Location Lagos




• Job Field ICT / Computer 
  
  

Job Purpose

• The Chief Information Security Officer (CISO) will be responsible for establishing and maintaining the enterprise vision, strategy, and programs to ensure information assets and technologies are adequately protected. He/She will lead the development and implementation of security policies, risk management strategies, cyber-defense initiatives, regulatory compliance, and incident response protocols across the organization.

Key Responsibilities

Strategic & Leadership

• Develop the company’s information security strategy, roadmap, and long-term cybersecurity vision.


• Lead, mentor, and manage the Information Security and Cyber Security Risk teams.


• Establish and maintain enterprise-wide security governance aligned with global best practices.

Cybersecurity Operations

• Oversee implementation, monitoring, and continuous improvement of cybersecurity controls across networks, applications, endpoints, and cloud environments.


• Manage the Security Operations Center (SOC) and threat-intelligence activities.


• Direct vulnerability assessments, penetration tests, and security audits.

Risk & Compliance

• Conduct periodic risk assessments to identify, quantify, and prioritize security risks.


• Ensure compliance with regulatory standards (e.g., ISO 27001, GDPR, NDPR, PCI-


• DSS, CBN / NDIC regulations for financial institutions).


• Develop and enforce security policies, standards, and procedures across all business units.Incident Response & Business Continuity


• Lead the development and implementation of Cybersecurity Incident Response Plan (CIRP).


• Coordinate response to security breaches, cyber-attacks, data leaks and ensure timely communication to stakeholders.


• Collaborate with IT leadership to ensure business continuity and disaster recovery frameworks are secure and tested.

Stakeholder Management

• Provide periodic security reports to the Board, Executive Management, and regulators.


• Ensure security awareness training for staff and promote cybersecurity culture.


• Serve as the primary liaison with law enforcement agencies, cybersecurity partners, and regulators.

Key Performance Indicators (KPIs)

• % reduction in cybersecurity incidents and vulnerabilities


• SLA response time to incidents and breaches


• Regulatory and audit compliance rating


• Implementation rate of cybersecurity roadmap initiatives


• Staff cybersecurity awareness and training completion rate

Qualifications & Requirements

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or related field (Master’s degree preferred).


• Relevant cybersecurity certifications such as: CISSP, CISM, CEH, CCSP, CRISC, ISO 27001 Lead Implementer/Auditor, GSEC.


• Minimum of 10+ years of combined IT and cybersecurity experience, with at least 5 years in a leadership role.


• Strong understanding of Information security frameworks
  
  o Cloud security and network architecture
  
  o Digital risk management and governance
  
  o Regulatory compliance requirements


• Proven experience managing cybersecurity programs in financial services or technology-driven organizations is an added advantage.

Core Competencies

• Strategic thinking and leadership


• Cyber risk management


• Incident command decision-making


• Data and information governance


• Excellent communication and reporting skills


• Stakeholder and crisis management


• Ethical, confidential, and highly analytical mindset