Head of Security and Risk (CISO) at Electronic PayPlus Limited

Responsibilities

• Conduct quarterly vulnerability and risk assessment
• Conduct bi-annual verification of IT assets in conjunction with IT and IAC departments, and submit accurate reports.
• Quarterly independent checks of network devices, user accounts and permission level of critical business machines; and submit report on findings.
• Review of Internal Security Manual with every new staff and conduct bi-annual/annual security awareness training.
• Review critical patch updates for vulnerability before updating the patch on all critical systems.
• Incidence management and prompt resolution.
• Conduct a quarterly inspection on all security devices to confirm they are working properly, and submit a comprehensive report to management.
• Monthly configuration review of all the Active Devices with the IT Manager.
• Review the weekly card access activities and submit report to the IAC and HR.
• Review key custodians suitability every quarter.
• Monthly review of the network diagram.
• Annual test of BCP and ERP rehearsal.
• Closure of audit non-conformity within stipulated time (MasterCard, Verve, VISA and interval audit.
• Review of the ISMS annually and compliance with the policies (clear desk policy, screen lock out etc.).
• Review network scan (GFI LAN Guard) report monthly.
• Monthly review of wireless (airtight) scan report.
• Review of quarterly external network (ASV) scan with IT & IAC for quick remediation of non-conformity.

Qualifications

• Bachelor’s degree or HND in Computer Science.

Professional Qualification:

• CISSP,CISM,CISA,Cisco Certifications.

Experience:

• 7 years cognate experience in Information Security.