• Application Deadline: Thu, 6 Jul 2023 00:00:00 GMT
• Position: Team Member, Governance, Risks and Standards


• Job Type Full Time


• Qualification BA/BSc/HND


• Experience 1 year


• Location Lagos


• Job Field ICT / Computer 
  

JOB OBJECTIVE(S)

• Provide assurance on the effectiveness and efficiency of Information Systems and Cybersecurity Risk Management, Control and governance processes within the bank and subsidiaries to achieve strategic and business  objectives


• Provide assurance that the bank and subsidiaries are adequately protected against third party vendor and outsourcing risks.

DUTIES & RESPONSIBILITIES

• Participate in the annual Enterprise Information Technology and Governance Audit using COBIT5 standards


• Executes the audit of the following standards:
  
  
  
  • ISO 27001 - Information Security Management Systems
  
  
  • ISO22301 – Business Continuity Management Systems
  
  
  • PCIDSS     -  All in-scope departments
  
  
  • ISO20000 – Service Management
  
  
  • ISO9001   – Quality Management Systems
  
  
  
  


• Executes IT Outsourced Service Providers audits


• Participates in the review of E-Risk Management Framework, Operational Risk Management and other related Frameworks/policies


• Carries out planned/adhoc activities to ensure the audits are performed in line with Internal Audit Methodology and relevant professional standards


• Participates in Operational Risk process reviews to ensure Security Operations team’s compliance with Operational Risk Governance Framework


• Ensures the currency of Governance, Risks and standards audit procedures/checklists given the proliferation and complexity of Information and communication technologies


• Participates in GRS related projects to ensure that stated benefits are realized


• Participates in the follow-up and timely regularization of audit exceptions and assurance of GRS team.


• Work with external management systems auditors to ensure the Bank’s annual recertification

JOB REQUIREMENTS

Education

• First Degree preferably in Computer science or related discipline


• Professional certification (CISA, CRISC, ISO 27001, ISO 22301, ISO 20000, PCIDSS etc.)

Experience

• Minimum experience - Minimum experience - 1 year in IT and Audit/Control/Information Security/Information Risk Management and Project Management.