Vacancy at 9mobile Nigeria for a Principle Engineer, IT Security & Information Risk Management
9mobile is a Nigerian private limited liability company. EMTS acquired a Unified Access Service License from the Nigerian Communications Commission in 2007. The License enables EMTS provide Fixed Telephony (wired or wireless), Digital Mobile Services, International Gateway Services and National/Regional Long Distance Services in addition to spectrum assignments in the 900 and 1800 MHz bands.
We are recruiting to fill the position below:
Job Title: Principle Engineer, IT Security & Information Risk Management
Location: Lagos, NG
Job Summary
- Lead the planning, delivery and management of EMTS Information Security program and ensure adequate protection of its information and technology related assets.
Principal Functions
Tactical:
- Develop, manage and implement a comprehensive information security program for EMTS.
- Lead the development of security architecture, policies and standards and ensure compliance across the organization Operational
- Develop and maintain an up-to-date IT security posture for EMTS. Ensure IT gets a satisfactory / acceptable risk rating from independent assessments
- Conduct periodic review of the IT Security management framework and ensure it is updated in line with industry trends and regulatory requirements.
- Participates in IT security investigations and compliance reviews as requested by internal or external auditors
- Conduct research, assess new threats and security alerts and recommend appropriate actions to mitigate them
- Raise the security awareness and education level of EMTS employees (through interpost, regular training and onboarding for new hires) and IT vendor
- Lead the selection of information security solutions partners to manage and deliver IT Security projects.
- Interface with others teams within and outside IT department in the process of delivering security solutions.
- Liaise with vendors, suppliers and partners to ensure effective optimization, adoption and delivery of solutions.
- Work with EMTS business units and other risk management/assurance functions (Internal Audit & Revenue Assurance) to identify security requirements, using Risk Assessments, business impact, penetration tests and vulnerability assessment tests. Implement strategies and plans to achieve security requirements and address identified risks
- Conduct security control and vulnerability assessments to identify weaknesses and assess the effectiveness of existing controls and recommends remedial action
- Prepare reports for management attention on residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
- Plays an advisory role in application development or acquisition projects, to assess information security requirements and ensure that security controls are implemented as planned throughout the project life cycle
- Carry out other activities as instructed by the Head, Information Risk Management.
Educational Requirements
- First Degree or equivalent in Computer Science/Engineering, Electrical/Electronic Engineering or other numerate science.
- Six (6) to Eight (8) years relevant work experience, with at least Three (3) years in enterprise information security implementation and three (3) years in a supervisory role.
- Good understanding of telecommunication business and technology model.
- Good understanding of business analysis and project management methods.
- Very good conceptual and analytical thinking skills
- Good interpersonal and communication skills
- Possession of relevant IT and telecommunication certification including CISA, CISSP, CISM, CEH, ISO27000 etc.
- Broad experience across the IT architecture stack