• Application Deadline:
• Position: Information & Cybersecurity (ICS) Policy & Awareness Officer


• Job Type Full Time


• Qualification BA/BSc/HND


• Experience 5 years


• Location Lagos


• Job Field ICT / Computer 
  

JOB OBJECTIVE(S)

Manage and evaluate the Bank’s security policies and regulatory standards to minimize the risk of compromise of sensitive business systems

DUTIES & RESPONSIBILITIES

•  Develops policy, framework, security baselines and procedures for the information/Cybersecurity governance, including control document reviews, stakeholder review/sign-off and post-approval communication.


• Serves in an advisory role in application development and infrastructure projects to assess security requirements and controls and ensures that security controls are implemented as planned


• Monitors compliance with security policies, standards, guidelines, procedures, respond to policy violations and escalate exceptions.


• Assesses threats and vulnerabilities regarding information assets and recommends the appropriate information security controls and measures.


• Provide support for Independent Vulnerability Assessment & Penetration Test (VAPT) projects.


• Assesses threats and vulnerabilities in the Banks products and technology acquisition. Engage IT Project managers on IT project risk and provide guidance


• Continuously communicate and ensure staff and third-parties are aware of information and cyber security as it relates to their roles and/or services


• Empower staff bank-wide through periodically Information and cyber security risk awareness and training including role based and privileged user training using different sources: Newsletters, E-Learning (Computer Base Training), Facilitator Led training, E-flyers etc


• Develop an awareness program for the enterprise and conduct training to ensure that stakeholders understand Information risk management to promote a risk-aware culture.

JOB REQUIREMENTS

Education

• Minimum Education:   First Degree in computer science/Engineering


• Professional Certifications: CISM, ISO27001 Lead Implementer, or any Cybersecurity Professional Certifications

Experience

Minimum experience – 5 years’ experience in facilitating and conducting security awareness and policy development, security architecture and security standards/requirements (PCI-DSS, ISO27001, Cybersecurity)