Information Security Officer at Microcred Group

Line Manager: Country IT Manager

Specific Functions

• Coordinate efforts to support any IT audits & review, and relevant regulatory bodies compliance exercise/investigations.
• In collaboration with the Group Resources, check implementation of new technologies and Solution development at the Opportunity Study Phase/Functional Specifications Design phase to ensure that the solutions meet Standard Security requirements.
• Coordinate efforts to internally check, evaluate, and make recommendations to management regarding the adequacy of the security controls for the enterprise's records and Information Technology Systems.
• Improve business/IT operations by conducting systems analysis and business impact analysis; recommending changes in policies and procedures, where applicable changes on the system.
• Keep the IT departmental risk register updated.
• Evaluate and validate that all programs and controls associated to the prevention of security incidents are in place and being followed consistently.
• Coordinate and monitor all information technology and security related assessment and outcomes.
• Act proactively and serve as the local internal IT Audit resource within Baobab Nigeria to investigate compliance and gaps on the system in line with Baobab Group standards/best practices.
• Conduct periodic IT Processes maturity level assessment and ensure improvement plans are developed and strictly followed.
• Ensure implementation and review IT processes in accordance with the following IT management frameworks/Standards (Data Protection, XBRL, ISO 8583, ISO 22301, PCIDSS, ITIL V4, ISO 27001/27002, ISO 20022, Open Banking Standards, PMBOK, ISO 27032 and other IT Standards/Framework)
• Ensure all procedures and controls are in compliance with applicable IT policies and relevant regulatory framework.
• Ensure Certification and re-certification Audit program by external certification bodies are seamless within the Bank.
• Protect the life cycle ISO/Standard Certifications of the Bank on all Standards to prevent possible Certification revocation.
• Ensure proper monitoring, tracking all exceptions raised against IT team in Risk and Audit Report and work with the other teams within the IT to develop remediation plans to address these exceptions - (Develop IT Compliance Dashboard for tracking)
• Collaborate with all IT team, and other departments as may be required to ensure, Access Control, System, Application Development, Network Security, Physical Security adequately meets industry standards.
• Develop and implement security compliance goals, define security strategies, performance metrics, reporting mechanisms and programs such as awareness,Trainings; and create maturity models and a roadmap for continual program improvements.
• Ensure and enforce all Group IT Security initiatives are carried out within the affiliates.

Project / Program Management:

• Deliver on the assigned project/program timely within scope and budgeted cost.
• Coordinate all projects/programs with the Country IT Manager

Reporting:

• Provide snapshots of IT Security Outlook on a weekly basis to the Line Manager/Management and improvement plans.
• Reports status of Standards/Programs/Projects being implemented in the organization weekly, Monthly & Quarter.
• Reports compliance status of staff to IT Security practices and make recommendations for the controls.
• Other reports as may be demanded by the management from time to time.

Requirements

• University Degree in Computer Science / Engineering / or Information Technology or Electrical / Electronics Engineering or related courses.
• 4-5 experience in implementing and Auditing IT Standards/Framework in an environment that has multiple locations.
• Experience working with IT Consultants, different levels of Staff within the organization from Top Management downward.
• Implementer Certification/Professional Certificate in more than 2 Standards/Framework among these is a huge added advantage; Data Protection, XBRL, ISO 8583, ISO 22301, PCIDSS, ITIL V4, ISO 27001/27002, ISO 20022, Open Banking Standards, PMBOK, ISO 27032).

Required Skills:

• Good knowledge of IT Frameworks/Standards/ISO Certifications and monitoring of their Maturity level.
• Ability to work under pressure
• Fluent in English (read, write and speak)
• Integrity and self-sufficient at work
• Full understanding of IT Security best practices and relevant IT Audit knowledge.
• Excellent presentation (Power Point/Google Slides) and management Skills.
• Knowledge of Microfinance Operation.