Vacancies at IHS Towers
IHS Towers is the largest independent mobile telecommunications infrastructure provider in Europe, Africa and the Middle East. Founded in 2001, IHS provides services across the full tower value chain - colocation on owned towers, deployment and managed services.
Today IHS Towers has operations in Nigeria, Cameroon, Côte d’Ivoire, Zambia and Rwanda. Following the recent acquisitions of MTN and Etisalat’s tower portfolios in Nigeria, IHS owns over 23,300 towers in Africa.
We are recruiting to fill the positions below:
Job Title: Specialist, IT Risk Management
Location: Lagos, Nigeria
Job Type: Full-time · Associate
About the Job
- We are currently recruiting for a Specialist, IT Risk Management who will assist in promoting adherence to information risk standards and procedures which protect the company’s systems from internal and external threats.
Key Roles & Responsibilities
- Provide inputs to design of the Information Risk Management (IRM) framework. Take responsibility for maintaining the framework, including refreshing and implementing an annual program.
- Build awareness of new and evolving risks across in-scope functions and IT.
- Lead the identification of key risk indicators (KRIs) for in-scope functions based on up-to-date situational analyses and trends. Provide relevant and timely information on KRIs for effective risk oversight.
- Develop action points to ensure that KRIs which exceed thresholds are reduced to an acceptable level.
- Perform annual IT risk and audit reviews in line with the approved annual plan.
- Provide second-line security and audit assurance for continuous improvement.
- Collaborate continuously with internal audit and other key internal stakeholders as part of the overall enterprise risk management framework.
- Contribute towards establishing credible risk governance, an integrated risk management mindset, and an execution approach which appropriately prioritizes action based on business impact.
- Implement appropriate systems and processes that ensure information risks are proactively managed and undesired events (when they occur) are detected and remedied early.
- Participate in the development of risk plans and procedures, as well as organizational structures, that provide an acceptable level of assurance in IT.
- Follow up on open audit and risk items to ensure closure.
- Manage the business continuity plan (BCP) for IT. Ensure continuous and regular validation and testing of documented/ approved BCP.
- Conduct continuous risk assessments for new and existing solutions.
- Aggregate information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically.
- Perform gap assessments using the COBIT process assessment model and follow up to ensure timely remediation of gaps and implementation of new IT processes.
- Review policies and develop processes and procedures that provide an acceptable level of assurance.
- Perform other tasks and duties as assigned by the Manager, IT Risk & Control.
Experience & Qualifications Required
- Bachelor's Degree in Computer Science, Computer Engineering, Information Technology, or related disciplines.
- 5-6 years’ relevant work experience in Information Security, Risk Advisory, and IT Compliance.
- Professional certifications such as CISA, CRISC, ISO27001, ISO27005: Lead Risk Manager will be an asset.
- Demonstrable application of knowledge of defence in-depth, least privileges, need-to-know, separation of duties, access controls and encryption.
- Proven knowledge of risk management, information security, mobile core technologies and controls.
Organizational Competencies:
- Be Bold
- Customer Focus
- Innovation
- Integrity
Functional Competencies:
- IT Audit
- Vulnerability Management
- Business Continuity
- Risk Management
- ITIL
- ISO27001
- Problem Solving
Behavioural Competencies:
How to Apply
Interested and qualified candidates should:
Click here to apply
Note: Please apply with an updated resume/ CV
Application Deadline 19th October, 2021.
Job Title: Specialist, IT Compliance & Reporting
Location: Lagos, Nigeria
Job Type: Full-time · Associate
About the Job
- We are currently recruiting for a Specialist, IT Compliance & Reporting who will implement and maintain IT processes designed to counteract interruptions to business activities and protect critical business information assets against effects of major information system failures or disasters.
Key Roles & Responsibilities
- Maintain the company’s IT Compliance Program. Provide inputs to program design and propose revisions where applicable.
- Work with relevant stakeholders to develop an effective IT Compliance training program, including appropriate introductory training for new employees as well as ongoing training for all employees.
- Provide advice on emerging compliance issues and consult with relevant functional areas/ teams to ensure risks are mitigated.
- Collaborate with key internal stakeholder functions, such as Risk Management and Internal Audit, to direct compliance issues to appropriate existing channels for investigation and resolution.
- Respond to alleged violations of rules, regulations, policies, procedures and standards of conduct by evaluating or recommending initiation of investigative and corrective procedures.
- Perform compliance monitoring on successful patching of all servers.
- Perform compliance monitoring and reporting on successful back-up operations.
- Perform compliance monitoring and reporting on: outdated operating system on servers; Active Directory replication errors; unresponsive OMS agents; servers and databases approaching end of life; database simple recovery model; and non-activated Windows OS.
- Monitor and develop action points to ensure IT compliance with key regulations such as the Nigerian Cyber-Security Act, NCC Cyber-Security Guidelines, and NITDA Security Guidelines.
- Identify potential areas of compliance vulnerability and risk. Develop/ recommend corrective action plans for resolution of problematic issues and provide general guidance on how to avoid or deal with similar situations in future.
- Build IT Compliance Dashboard and provide reports (as requested or directed) to keep relevant IT Committees informed of the operation and progress of compliance efforts.
- Monitor and track open audit findings from internal and external audits, 3rd parties, and ISO90001.
- Monitor and coordinate IT compliance activities. Keep abreast of status, identify trends, and take appropriate steps to improve overall effectiveness.
- Perform other tasks and duties as assigned by the Manager, IT Risk & Control.
Experience & Qualifications Required
- Bachelor's Degree in Computer Science, Computer Engineering, Information Technology, or related disciplines.
- 5-6 years’ relevant work experience in Information Security, Risk Advisory, and IT Compliance.
- Professional certifications such as CISA, CRISC, ISO27001, ISO27005: Lead Risk Manager will be an asset.
- Demonstrable application of knowledge of defence in-depth, least privileges, need-to-know, separation of duties, access controls and encryption.
- Proven knowledge of risk management, information security, mobile core technologies and controls.
Organizational Competencies:
- Be Bold
- Customer Focus
- Innovation
- Integrity
Functional Competencies:
- IT Audit
- Vulnerability Management
- Business Continuity
- Risk Management
- ITIL
- ISO27001
- Problem Solving
Behavioural Competencies:
How to Apply
Interested and qualified candidates should:
Click here to apply
Note: Please apply with an updated resume/ CV
Application Deadline 19th October, 2021.
Job Title: Senior Manager - IT SOX Operation
Location: Lagos, Nigeria
Job Type: Full-time · Mid-Senior level
About the Job
- We are currently recruiting for a Senior Manager – IT SOX Operations . Based in Lagos, you will:
- Manage and direct all workstreams related to IT SOX Compliance including planning, resource coordination (in-house and co-sourced), execution, and reporting
- Provide technical support in the design, implementation and testing of ITGC requirements.
- Remediation support by providing pragmatic recommendations which are practical to implement and meet the requirements of the Sarbanes Oxley Act.
Key Roles & Responsibilities
- Coordinates the IT General Controls design and test of operating effectiveness
- Manages all IT SOX Risk and Control Matrices
- Monitors existing control gaps across the group and drives effective remediation of lapses [in line with management’s expectation and regulatory requirements.
- Manage External ITGC audits
- Ensures all SOX Controls mapped to IT Systems are adhered to.
- Acts as the single point of contact (SPOC) for all matters ITGC SOX Compliance. Facilitates and coordinates information requests [and subsequent provision] between IT and various groups [internal and third party].
- Works with control owners and operators to ensure quality, consistency and operability of new and existing controls.
- Review test findings, facilitate the remediation of ITGC control gaps, and escalate possible critical issues to leadership within IT.
- Review control evidence for adherence to accuracy, completeness and precision of control execution for all ITGC.
- Collaborate and build long-term relationships with key stakeholders in a evolving and fast-paced work environment.
- Plans and directs the work of direct reports, monitors their work, and takes corrective action when necessary
- Coaches, mentors, and develops direct reports, including providing career development planning and opportunities; maintains a safe, secure, and motivating work environment
Experience & Qualifications Required
- Bachelor's and/or Advanced Degree in Computer Science or any related disciplines.
- Minimum of 10 years’ relevant experience in IT Audit, IT Control, and IT Compliance
- Professional certification: CISA Compulsory
- CRISC, CISM, CGEIT, COBIT 5 Implementer, ISO 27001 LI or LA will be an added advantage.
Organizational Competencies:
- Be Bold
- Customer Focus
- Innovation
- Integrity
Functional Competencies:
- Deep understanding/knowledge of technologies and IT operating and delivery models – as well as the risks associated with them.
- Knowledge & experience in implementing globally accepted information system risk, control Frameworks
- Solid knowledge of security best practices such as defense in-depth, least privileges, need-to-know, separation of duties, access controls, and encryption.
- Strong analytical skills
- Thorough understanding of the latest GRC principles, techniques, and protocols.
Behavioural Competencies:
- Expert stakeholder management skills, with previous experience in a position which demonstrate strong organisational, prioritisation and communication skills.
- Demonstrable experience of managing teams
- Attention to detail
- Strong listening skills
- Good verbal and written communication skills
How to Apply
Interested and qualified candidates should:
Click here to apply
Note: Please apply with an updated resume/ CV.
Application Deadline 19th October, 2021.