• Application Deadline:
• Position: Information Systems Security Compliance Engineer


• Job Type Full Time


• Qualification BA/BSc/HND


• Experience 2 years


• Location Lagos


• Job Field ICT / Computer 
  

Description

• The Security Compliance Engineer works in the office of the CISO in the Risk & Compliance team to help Canonical to achieve overall security & compliance goals and relevant certifications, as well as compliance with regulatory frameworks and other relevant standards.


• The team's role is to ensure that Canonical conducts its business processes in compliance with laws and regulations, internal policies and procedures defined and international standards/best practices.


• This position is for an individual with the knowledge, drive and personal motivation to help build and grow a strong security & compliance governance framework in a fast-growing tech company, as well as help it achieve/maintain the necessary compliance certifications.


• This role can be home or office based. Periodic international travel for training and business meetings is required.

Key Responsibilities

• Collaborate with IT operations, Legal, Security, and Engineering teams to define and implement policies and procedures


• Help to design and implement controls to strengthen the company’s Security Posture


• Collaborate with various teams to ensure security standards are met across all projects


• Assess vulnerabilities/risks that could affect the integrity, availability, or confidentiality of data, systems, or services of the company and provide mitigation solutions


• Conduct regular audits to ensure compliance with internal policies and procedures, relevant security standards best practices, regulations and client requirements to identify gaps and provide remediation solutions


• Ensure controls are configured correctly and integrated into the security strategy


• Collaborate with internal teams to respond to Security Questionnaires, Contract  Compliance and Security & Compliance posture questions from customers


• Provide guidance and support to internal stakeholders regarding security & compliance practices


• Collaborate with internal teams to gather evidence for external audits


• Participate in the creation and or maintenance of the Information Security Management System


• Maintain an up-to-date knowledge on Security standards, best practices and trends to ensure ongoing compliance

Qualifications

Valuable experience:

• Bachelor's Degree (or equivalent) in Computer Science, Information Systems, or related field


• Affinity with Open Source software with regards to compliance


• Knowledge of designing and implementing security processes and solutions with topics ranging from architecture, governance, compliance, and operations


• Technical or engineering background, including software development, scripting, networking, and cloud architecture

Required skills and experience:

• 2+ years of experience within a security and compliance function


• Experience developing and maintaining policies, procedures, standards, and guidelines to align with company’s strategy and best practices


• Experience with security controls implementation, configuration and maintenance


• Experience with vulnerability management tooling, remediation, and processes


• Experience with coding/scripting in one or more languages (Python, C, C++, Java)


• Experience with Linux operating systems (Ubuntu preferred)


• Understanding of concepts related to Systems Engineering/DevOps, IaC, IAM, network security, systems security, cryptography


• Have a wide understanding of cybersecurity and data protection frameworks such as ISO 27001, NIST, SOC2, PCI-DSS, GDPR, CCPA.


• Experience with third party and external audits