Head, Security and Risk/Chief Information Security Officer at Electronic PayPlus Limited

Electronic PayPlus Limited is a foremost electronic payment company with years of experience in the industry. We are a card-based solutions provider primarily focused on providing total payment solutions to the banking industry and other payment institutions. We offer a wide variety of plastic cards from the simplest PVC to the most sophisticated smart contact and contact-less cards.

We are recruiting to fill the position below:

Job Title: Head, Security and Risk/Chief Information Security Officer

Location: Lagos

Job Description

  • Direct and approve the design of security systems;
  • Ensure that disaster recovery and business continuity plans are in place and tested;
  • Review and approve security policies, controls and cyber incident response planning;
  • Approve identity and access policies;
  • Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities;
  • Maintain a current understanding the IT threat landscape for the industry;
  • Ensure compliance with the changing laws and applicable regulations;
  • Translate that knowledge to identification of risks and actionable plans to protect the business;
  • Schedule periodic security audits;
  • Oversee identity and access management;
  • Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced;
  • Manage all teams, employees, contractors and vendors involved in IT security, which may include hiring;
  • Provide training and mentoring to security team members;
  • Constantly update the cyber security strategy to leverage new technology and threat information;
  • Brief the executive team on status and risks, including taking the role of champion for the overall strategy and necessary budget; and
  • Communicate best practices and risks to all parts of the business, outside IT.
  • Conduct quarterly vulnerability and risk assessment
  • Conduct bi-annual verification of IT assets in conjunction with IT and IAC departments, and submit accurate reports.
  • Quarterly independent checks of network devices, user accounts and permission level of critical business machines; and submit report on findings.
  • Review of Internal Security Manual with every new staff and conduct bi-annual/annual security awareness trainings.
  • Review critical patch updates for vulnerability before updating the patch on all critical systems.
  • Incidence management and prompt resolution.
  • Conduct a quarterly inspection on all security devices to confirm they are working properly, and submit a comprehensive report to management.
  • Monthly configuration review of all the Active Devices with the IT Manager.
  • Review the weekly card access activities and submit report to the IAC and HR.
  • Review key custodians suitability every quarter.
  • Monthly review of the network diagram.
  • Annual test of BCP and ERP rehearsal.
  • Closure of audit non-conformity within stipulated time (MasterCard, Verve, VISA and interval audit.
  • Review of the ISMS annually and compliance with the policies (clear desk policy, screen lock out etc.).
  • Review network scan (GFI LAN Guard) report monthly.
  • Monthly review of wireless (airtight) scan report.
  • Review of quarterly external network (ASV) scan with IT & IAC for quick remediation of non-conformity.
  • Conduct risk assessment and submit report to MD and BOD committee.
  • Attend BOD committee quarterly meetings.
  • Review of the annual penetration and vulnerability test report with IT & IAC, ensuring quick remediation of non-conformity.

Requirements
Academic Qualification:

  • Bachelor’s degree or HND in Computer Science

Professional Qualifications:

  • CISSP Certification
  • CISM Certification
  • CISA Certification
  • Cisco Certification

Experience:

  • 7 years cognate experience in Information Security.

Key Skills and competencies:

  • Confidence
  • Excellent technical skills
  • Organizational skills
  • Planning skills
  • Interpersonal skills
  • Communication skills
  • Problem solving skills
  • Team working skills
  • Attention to details
  • Understanding of the code, specification and regulations related to the payment card industry
  • IT skills.

Application Closing Date
15th November, 2019.

The post Head, Security and Risk/Chief Information Security Officer at Electronic PayPlus Limited appeared first on Jobs in Nigeria – http://jobsinnigeria.careers.