IT Governance, Risk & Compliance Analyst at Moniepoint Inc.

The IT Governance Risk and Compliance Analyst on the Information Security team at Teamapt will be responsible and jointly accountable with CISO for the management, oversight and coordination of the Information Technology Governance, Risk Management and Compliance projects and programmes.

You will also be responsible for the identification, assessment, risk response, mitigation, control, monitoring, reporting, and recommending remediation for current and emerging Information Technology risks and controls.

Responsibilities

Governance

• Ensure all IT policies and standards are defined, approved, and up to date.
• Identify IT areas without an IT policy and establish the same for the IT unit.
• Execute/enforce/comply with Teamapt policies and procedures.
• Evaluate IT units against IT policies, procedures, and the Central Bank of Nigeria/Industry standards.
• Teamapt audit and regulatory audit - Engagement with relevant Teamapt Staff, CBN, Consultants, QSAs, Other auditors/ regulatory bodies, and respond to requests and audit queries.
• Fix the identified Gaps / Exceptions from the evaluation/audit with the accountable unit Heads
• Oversee control-related aspects of process changes and improvement, technology upgrades, and new technology implementations. Ensure that the control structure remains effective.

Risk Management

• IT Risk Management – Risk Identification, assessment and planning, response and mitigation, monitoring, tracking, and reporting.
• Risk and control self-assessments process ownership and management - work with the responsible unit heads to ensure closure of risk items on the RCSA register.
• Work closely with unit heads to identify and assess risk and develop controls and mitigation strategies for risk.
• Participate in technology projects and programmes to identify potential risks to the organization and recommend mitigation and opportunities for improvement.
• Eliminate, avoid, share, accept, and control the identified IT risk.

Compliance

• Work with IT management team to ensure that the organization consistently attains high levels of compliance with all relevant laws and regulations as well as industry best practices, such as PCI-DSS Compliance/Certification and ISO Certifications (ISO 27001, ISO 20000, and ISO 22301.
• Management of audit findings, risk and the control department.
• Management of CBN standards compliance projects.
• Responsible for procedures and controls to ensure compliance with applicable regulatory and legal requirements as well as good business practices.
• Manage and ensure IT comply with the following bank and regulatory agencies on Information Technology related regulations.
• Oversee control related aspects of technology process changes and improvement, technology upgrades and new technology implementations. Ensure that the control structure remains effective as the organization changes.

To succeed in this role, we think you should have

• A degree in Computer Science, Management Information Systems, Computer Engineering, or related degree
• Possesses relevant certifications like Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• Minimum of 3 years of experience in information security/technology risk reviews across enterprise operating systems, databases, banking applications, and networks.
• Keen eye for detail.
• Highly motivated, energetic, and a self-learner.
• Ability to work with little supervision and meet strict deadlines.
• Must be results-oriented, setting high standards, and intent on making things happen.
• Takes the initiative within given parameters with freedom to act.