Information Security Governance Officer at the Nigerian Stock Exchange (NSE)
The Nigerian Stock Exchange, services the largest economy in Africa, and is championing the development of Africa's financial markets. The Exchange offers listing and trading services, licensing services, market data solutions, ancillary technology services, and more. It is an open, professional and vibrant exchange, connecting Nigeria, Africa and the world.
We are recruiting to fill the position below:
Job Title: Information Security Governance Officer
Location: Lagos
Division: CEO
Department: Information Security Department
Report to: Information Security Manager
Grade: Executive Assistant - Officer
Estimated Date Of Resumption: Monday, May 4, 2020
Job Summary
- The Incumbent will develop and manage the information security training program for all employees and the ecosystem, which includes annual security awareness training, policy specific training, Newsletters, security notifications as well as the global phishing campaign.
- S/he will ensure that information security programs are in compliance with applicable laws, regulations and policies to minimize or eliminate risk and audit findings. The Incumbent will develop business-relevant metrics to measure the efficiency and effectiveness of the programs, facilitate appropriate resource allocation and enhance the maturity of the security and compliance program.
- S/he will also Maintain and deliver the information security element of new employee orientation/induction training; assisting with the maintenance and dissemination of information security policies, procedures and guidelines; assisting with the gathering and analysis of information security metrics.
- The Nigerian Stock Exchange services the largest economy in Africa, and is championing the development of Africa’s financial markets. The Exchange offers listing and trading services, licensing services, market data solutions, ancillary technology services, and more. It is an open, professional and vibrant exchange, connecting Nigeria, Africa and the world.
- The Information Security Governance Officer will coordinate the identification, assessment, reporting and management of risk in relation to all aspects of information governance (IG) within the Exchange, including regular review of the Information Asset Risk Register.
Key Responsibilities
- Coordinate the classification of information and physical assets of the Exchange
- Coordinate strategies and rollouts to provide physical and environmental solutions in Exchange Maintain a list of all areas which contain critical systems or critical information assets
- Facilitate and coordinate the necessary counter measures to physical and environmental incidents with service providers
- Review the effectiveness of Exchange’s physical and environmental protection strategy and implemented security controls
- Provide input in formulation of necessary information security policies, procedures and guidelines. Facilitate ISMS awareness among staff and other stakeholders in ensuring sustenance of ISMS in the Exchange
- ISMS Compliance Monitoring
- Act as Team Lead to XGEN User Profile Administration.
- Management of all passwords eg Reset and admin privilege control
- Review the result from risk assessment and develop effectiveness of control
- Manage and follow-up on control effective measures and documentation
- Determine whether the security activities implemented are performing as expected
- Maintain the Security of all Information entrusted to the staff
- Comply with the principles and policies in the Information Security Handbook
- Maintain the flow of both electronic and hard-copied controlled documents, department files and resource materials. Writing document control systems and putting them into action, logging, tracking and maintaining batch records, coordinating document control issues
Qualifications And Experience
To successfully deliver the above goals, the right candidate must have:
- Experience within the Financial or Services sector will be a distinct advantage
- Experience in managing / working with senior stakeholders will be a distinct advantage.
- A minimum Bachelor's degree in Science, Computer Science, Engineering discipline, Mathematics or Physics or any related discipline
- A minimum 2 years post NYSC relevant experience with desktop, server and/or network administration
Candidates Technical Knowledge And Experience:
- Experience with internet, web, application and network security techniques
- Solid understanding of Configuration Management and testing methodologies both manual and automated
- Strong knowledge of the business environment and technical infrastructures including software development, computer operations, network operations and telecommunications.
- Extensive experience in enterprise security architecture design and enterprise security document creation. Solid knowledge of information security principles and practices. Working experience with intrusion detection systems
- Installation, configuration, monitoring and response to security system
- Understanding of advanced security protocols and standards
Functional Competencies:
- Information Systems Audit
- Information Technology Service Operations
- Network and Telecommunications Technology
- Software Engineering and Development
- Ability to work under presure with strict deadlines
- Strong incident management skills
- Strong experience of IT service, operations and support
- Analytical Thinking
- Compliance Risk Management
- Desktop Engineering and Support
- Emerging Technologies
- Enterprise Architecture
- Enterprise Risk Management
- Information Security
- Ethics Knowledge
- Excellent Communication Skills, both Written and Verbal.
Behavioural Competencies:
- Time Management
- Excellent decision making capabilities with assertive approach
- Knowledge of ISMS standard.
- Attention to Detail
- Change Management
- Integrity
- Problem Solving
Application Deadline 9th March, 2020.