Role Summary
We are seeking a Regulatory & Compliance Officer with solid technical security knowledge to bridge the gap between regulatory requirements and technology implementation.
This role ensures that regulatory obligations are not just documented, but technically enforced across infrastructure, applications, cloud environments, and digital banking platforms. The ideal candidate understands how compliance maps to firewalls, logs, encryption, access control, APIs, and cloud security configurations.
Core Responsibilities
Regulatory Compliance & Interpretation
- Interpret financial and data protection regulations and translate them into technical and operational controls.
- Ensure compliance with Central Bank guidelines and fintech regulations.
- Liaise with regulators and manage regulatory examinations.
- Prepare and submit regulatory returns and statutory reports.
Technical Compliance & Security Oversight
- Validate implementation of security controls across systems.
- Review firewall rules, access controls, IAM policies, and encryption standards.
- Ensure secure configuration baselines are maintained.
- Review vulnerability assessment and penetration testing reports.
- Track remediation of critical and high-risk findings.
- Validate logging, monitoring, and incident response readiness.
Data Protection & Privacy Governance
- Ensure compliance with National Data Protection Commission regulations (NDPA/NDPR).
- Oversee Data Protection Impact Assessments (DPIA).
- Validate encryption and data retention controls.
- Manage breach notification processes.
Financial & Security Standards Compliance
- Oversee compliance with:
- PCI-DSS
- NDPA
- Central Bank Of Nigeria
- AML/CFT
- KYC regulations
- ISO 27001 controls
- Map regulatory requirements to technical controls.
- Support security audits and QSA assessments.
Audit & Risk Management
- Maintain compliance risk register.
- Conduct control effectiveness reviews.
- Coordinate internal and external audits.
- Provide compliance dashboards to executive management.
Policy, Training & Awareness
- Develop compliance and information security policies.
- Conduct regulatory and security awareness sessions.
- Promote accountability across business and technical teams.
Required Qualifications
- Bachelor’s degree in Law, Cybersecurity, IT, Finance, or related field.
- 3+ years experience in fintech, banking, or regulated digital environments.
- Strong understanding of both regulatory frameworks and technical security controls.
- Experience working with DevOps, Security, or Infrastructure teams.
Technical Knowledge Required
Understanding of:
- Cloud security (AWS/Azure/GCP basics)
- IAM and access control models
- Encryption standards (TLS, AES)
- Logging & SIEM concepts
- Vulnerability management lifecycle
- API security principles
- Ability to read and interpret technical security reports.
Preferred Certifications
- CISM or CISSP
- CAMS
- ISO 27001 Lead Implementer / Auditor
- CDPO
- PCI Internal Security Assessor (ISA)
Core Competencies
- Regulatory interpretation with technical mapping ability
- Strong documentation and policy drafting skills
- Analytical and risk-based thinking
- Executive communication capability
- Cross-functional leadership
Key Performance Indicators (KPIs)
- Zero regulatory sanctions.
- Timely remediation of audit findings.
- Improved compliance maturity score.
- Reduced repeat compliance findings.
- Audit readiness at all times.
Gmail
Yahoomail