For 15 years we have been building and managing telecommunications towers that are the essential backbone of mobile telecommunications in Africa - the leapfrog technology driving economic development, prosperity and self-sufficiency across the continent. Right now, IHS is leading a new telecoms service sector driven by the growth of middle class business an...
Read more about this company
We are currently recruiting for a Manager, IT Risk & Compliance. In this role, you will be responsible for establishing an acceptable IT risk profile for the business and promoting adherence to information risk standards and procedures while ensuring that the company's systems are protected from internal and external threats and end-to-end security (frontline to back-end/ data centre) is maintained.
Key Roles & Responsibilities
Provide inputs towards developing the company’s IT risk policies, plans and procedures, as well as supporting organizational structures, to ensure an acceptable level of assurance.
Ensure all policies and procedures are documented, easily accessible, and adhered to.
Build awareness of new and evolving IT risks across the business and implement appropriate systems and processes which ensure that information risks are detected early and proactively managed with timely remediation when undesired events occur.
Contribute towards establishing credible risk governance, promoting an integrated risk management mindset at all levels, and promoting an execution approach which appropriately prioritizes actions based on business impact.
Lead the identification of Key Risk Indicators (KRIs) across the business based on up-to-date situational analyses and trends and drive effective risk oversight by providing timely and relevant information on KRIs.
Plan and execute quarterly IT General Control (ITGC) audits, complete with detailed findings and remediation follow-ups. Perform SOX ITGC audits.
Liaise with Enterprise Risk, Internal Audit, and other relevant functions across the business to ensure that all risk registers and compliance-related documentation are up to date in line with the overall enterprise risk management approach.
Conduct continuous risk assessments and business impact analyses for new and existing solutions.
Stay informed of all IT risks before they are highlighted by Audit or 3rd-parties. Ensure closure of open audit items. Aggregate information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically.
Identify potential threats to the confidentiality, integrity, and availability of the company’s systems and network.
Identify and architect appropriate security technologies based on risks, policies and architecture. Support IT Architecture Review process and evaluate associated security of the proposed architectures.
Perform other functions as assigned by the Senior Manager, IT Security.
IT Security Administration
IT Policies, Procedures & Standards
Security Monitoring & Reporting
Continuity & Disaster Recovery
Collaboration & Teamwork
Experience & Qualifications Required
Bachelor’s and/ or Advanced degree in Computer Science or any related disciplines.
+9-10 years’ relevant experience in Information Security, IT Audit and Risk
Hands-on experience in security systems review, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
Demonstrable experience with network security and networking technologies as well with systems, security, and network monitoring tools.
Thorough understanding of the latest security principles, techniques, and protocols.
Demonstrable familiarity with web-related technologies (web applications, web services, service-oriented architectures), and network/ web-related protocols.