Information Risk and Compliance Analyst at Venture Garden Nigeria (VGN)

Location: Ikeja, Lagos
Job Type: Full-time

Job Description

• As Risk and Compliance Analyst, you will assist in the maintenance and enforcement of the VGG’s security program.
• You will be charged with identifying weaknesses in or deviations from policy and working across departmental lines to ensure the safety of the company’s information resources

Principal Responsibilities and Accountabilities

• Maintenance of Risk Management Policy
• Facilitation of regular risk assessment exercises,
• Integration of Risk Management Policy into key processes
• Enforcement and monitoring of controls arising from risk assessment exercise/information security policy and procedures
• Maintenance of dashboard of control implementation and compliance status
• Work with teams tasked with control implementation to determine the status and identify impediments
• Stays current and reports on emerging security threats based on the company’s risk profile
• Stays current and reports on emerging technologies and their impact on the company’s security

Change management:

• Implementation of a unified change management procedure
• Maintenance of central repository for change documentation.

Information Security Awareness:

• Implement information security awareness program:
  • Identification of key topics based on best practice
  • The inclusion of topics based on feedback from incidents/awareness measurements
  • Facilitate information security awareness sessions
• Develop an Information security awareness plan for the year
• Develop and implement ad-hoc security awareness methods

Compliance management to relevant security standards, legal and contractual requirements:

• ISO 27001
• PCI-DSS
• SWIFT Security Requirements
• CBN Requirements
• Other identified compliance requirements

Qualifications

• Bachelor's degree in Computer Science, Cybersecurity or related field
• At least 2 years’ experience in information security risk and/or compliance role and operational risk management
• Experience in implementing and maintaining security standards, including ISO 27001, PCI-DSS, NIST etc
• Experiencing in maintaining policy documents and enforcement of information security policies
• Relevant certifications, i.e. CISM, CISSP, CGEIT, CRISC, CEH, CHFI

Skills & Abilities:

• Decision Making
• Flexibility
• Interpersonal Skills
• Personal Leadership
• Excellent Communicator
• Personal Organization
• Problem Solving
• Team Building
• Additional Information

Working Conditions:

• Flexibility is important.