Information Security Governance Officer at Nigerian Stock Exchange

Division: CEO    
Department: Information Security Department
Report to: Information Security Manager    
Grade: Executive Assistant - Officer
Estimated Date Of Resumption: Monday, May 4, 2020

Job Summary

• The Nigerian Stock Exchange services the largest economy in Africa, and is championing the development of Africa’s financial markets. The Exchange offers listing and trading services, licensing services, market data solutions, ancillary technology services, and more. It is an open, professional and vibrant exchange, connecting Nigeria, Africa and the world.
• The Information Security Governance Officer will coordinate the identification, assessment, reporting and management of risk in relation to all aspects of information governance (IG) within the Exchange, including regular review of the Information Asset Risk Register.
• The Incumbent will develop and manage the information security training program for all employees and the ecosystem, which includes annual security awareness training, policy specific training, Newsletters, security notifications as well as the global phishing campaign.
• S/he will ensure that information security programs are in compliance with applicable laws, regulations and policies to minimize or eliminate risk and audit findings. The Incumbent will develop business-relevant metrics to measure the efficiency and effectiveness of the programs, facilitate appropriate resource allocation and enhance the maturity of the security and compliance program.
• S/he will also Maintain and deliver the information security element of new employee orientation/induction training; assisting with the maintenance and dissemination of information security policies, procedures and guidelines; assisting with the gathering and analysis of information security metrics.

Key Responsibilities

• Management of all passwords eg Reset and admin privilege control
• Review the result from risk assessment and develop effectiveness of control
• Manage and follow-up on control effective measures and documentation
• Determine whether the security activities implemented are performing as expected
• Maintain the Security of all Information entrusted to the staff
• Comply with the principles and policies in the Information Security Handbook
• Maintain the flow of both electronic and hard-copied controlled documents, department files and resource materials. Writing document control systems and putting them into action, logging, tracking and maintaining batch records, coordinating document control issues
• Coordinate the classification of information and physical assets of the Exchange
• Coordinate strategies and rollouts to provide physical and environmental solutions in Exchange Maintain a list of all areas which contain critical systems or critical information assets
• Facilitate and coordinate the necessary counter measures to physical and environmental incidents with service providers
• Review the effectiveness of Exchange’s physical and environmental protection strategy and implemented security controls
• Provide input in formulation of necessary information security policies, procedures and guidelines. Facilitate ISMS awareness among staff and other stakeholders in ensuring sustenance of ISMS in the Exchange
• ISMS Compliance Monitoring
• Act as Team Lead to XGEN User Profile Administration.

Qualifications And Experience
To successfully deliver the above goals, the right candidate must have:

• A minimum Bachelor's degree in Science, Computer Science, Engineering discipline, Mathematics or Physics or any related discipline
• A minimum 2 years post NYSC relevant experience with desktop, server and/or network administration
• Experience within the Financial or Services sector will be a distinct advantage
• Experience in managing / working with senior stakeholders will be a distinct advantage.

Candidates Technical Knowledge And Experience:

• Extensive experience in enterprise security architecture design and enterprise security document creation. Solid knowledge of information security principles and practices. Working experience with intrusion detection systems
• Installation, configuration, monitoring and response to security system
• Understanding of advanced security protocols and standards
• Experience with internet, web, application and network security techniques
• Solid understanding of Configuration Management and testing methodologies both manual and automated
• Strong knowledge of the business environment and technical infrastructures including software development, computer operations, network operations and telecommunications.

Functional Competencies:

• Analytical Thinking
• Compliance Risk Management
• Desktop Engineering and Support
• Emerging Technologies
• Enterprise Architecture
• Enterprise Risk Management
• Information Security
• Ethics Knowledge
• Information Systems Audit
• Information Technology Service Operations
• Network and Telecommunications Technology
• Software Engineering and Development
• Ability to work under presure with strict deadlines
• Strong incident management skills
• Strong experience of IT service, operations and support
• Excellent Communication Skills, both Written and Verbal.

Behavioural Competencies:

• Attention to Detail
• Change Management
• Integrity
• Problem Solving
• Time Management
• Excellent decision making capabilities with assertive approach
• Knowledge of ISMS standard.