Technology Risk & Compliance Manager at Bellforte Consulting

Job Description

• We are seeking an experienced Technology Risk & Compliance Manager to lead the development and execution of our client’s technology governance, risk management, and compliance framework.
• The successful candidate will ensure that our client’s technology environment remains secure, resilient, compliant, and aligned with regulatory expectations as they scale their fintech operations.
• This is a strategic leadership role responsible for strengthening technology controls, managing regulatory obligations, and enabling secure innovation within a fast-growing financial technology environment.

Key Responsibilities

• Develop and implement technology risk management frameworks aligned with industry best practices.
• Lead IT governance, policies, standards, and control frameworks.
• Ensure compliance with applicable regulatory requirements, including CBN guidelines, data protection regulations, and information security standards.
• Conduct technology risk assessments and oversee risk mitigation initiatives.
• Manage technology audits, regulatory reviews, and compliance remediation activities.
• Establish and manage third-party/vendor technology risk management processes.
• Monitor technology controls, cybersecurity governance, and operational resilience.
• Provide executive reporting on technology risks, compliance status, and improvement initiatives.

Preferred:

• Master’s degree in Information Technology, Cybersecurity, Risk Management, MBA, or related field.

Technical Certifications
Preferred certifications include:

• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified in Risk and Information Systems Control (CRISC)
• ISO 27001 Lead Implementer / Lead Auditor
• Certified Risk Management Professional (CRMP)
• ITIL Foundation / ITIL Managing Professional
• COBIT Foundation
• Certified Data Privacy Professional (CDPP) / Data Protection certification

Additional Information
Experience:

• 7–12 years of relevant experience in technology risk, IT governance, cybersecurity governance, audit, compliance, or technology assurance.

Preferred Experience:

• Experience within a fintech, digital banking, payments, banking, financial services, or regulated technology environment.
• Proven experience implementing technology risk frameworks and compliance programs.
• Experience working with regulatory requirements from the Central Bank of Nigeria (CBN), Nigeria Data Protection Commission (NDPC), and other relevant regulatory bodies.
• Experience managing technology audits, risk assessments, and remediation programs.
• Experience managing third-party/vendor technology risk.

Core Skills
Technology Governance:

• IT governance frameworks
• IT policies and standards development
• Technology governance structures
• IT controls design and implementation
• COBIT, ITIL, ISO standards

Risk Management:

• Technology risk identification and assessment
• Risk registers and mitigation planning
• Control testing and monitoring
• Risk reporting to leadership
• Enterprise risk management

Regulatory Compliance:

• CBN regulatory requirements
• Data protection regulations
• PCI DSS compliance
• Information security compliance
• Internal and external audit management

Vendor Risk Management:

• Third-party risk assessment
• Technology vendor due diligence
• SLA and contract compliance reviews
• Outsourcing risk management

Security & Controls:

• Cybersecurity governance
• Access control reviews
• Vulnerability management oversight
• Incident management governance

Key Skills and Attributes
The ideal candidate should demonstrate:

• Strong analytical and problem-solving ability
• Ability to translate technical risks into business impact
• Strong stakeholder management skills
• Excellent written and verbal communication skills
• Ability to influence senior executives and technology teams
• Strong attention to detail
• High integrity and ethical judgment
• Ability to manage multiple priorities
• Strong understanding of fintech operational environments

Key Performance Indicators (KPIs)
Success will be measured by:
Governance & Compliance:

• Percentage completion of technology compliance requirements
• Reduction in regulatory findings
• Successful completion of technology audits
• Implementation of IT governance frameworks

Risk Management:

• Reduction in unresolved technology risks
• Timely risk identification and mitigation
• Improvement in risk maturity score

Security & Controls:

• Improvement in security control effectiveness
• Reduction in policy/control exceptions
• Improved incident response readiness

Vendor Management:

• Completion of third-party risk assessments
• Reduction in vendor compliance gaps
• Improved vendor SLA performance

Reporting:

• Timely submission of technology risk reports
• Quality of executive risk reporting