Information Technology (IT) Compliance Manager at Sifax Group

Sifax Group is one of Africa’s fastest-growing multinational corporations with diverse interests in Maritime, Aviation, Haulage & Logistics, Oil & Gas and Hospitality.

We are recruiting to fill the position below:

Job Title: Information Technology (IT) Compliance Manager 

Location: Lagos
Reporting Line: Information Technology (IT) General Manager 
Proposed Grade: Officer - Deputy Manager 

Role Summary

• We are looking for a seasoned IT Compliance Personnel who will be working with the Group IT Compliance Manager in overseeing and executing the global IT compliance program as well as exemplify the pillars of compliance culture – communication, collaboration, trust, and reporting.
• Duties will include daily management and execution of IT compliance programs across operating businesses, reporting to management, and ensuring successful execution of IT compliance activities for Corporate and Governance IT. 

Duties / Responsibilities

• Design and implement security controls to safeguard and monitor events for information systems, enterprise applications, and data.  
• Ensure that current policies, standards, and guidelines are maintained and tasked with the drafting of new policies, standards, and guidelines 
• Drive internal and external vulnerability assessment, penetration tests engagements, and manage results to remediation  
• Collaborate with stakeholders to design, the document, and deploy secure infrastructure solutions to enhance and evolve the security posture of the business to ensure integrity, availability, and confidentiality of all critical enterprise data  
• Develop, implement, and maintain systems following IS Information Assurance policies, processes, procedures, and guidelines, and industry standards to address security, privacy, and disaster recovery/business continuity needs to protect information and resources at established, defined levels.  
• Maintains systems to keep information and resources secure and safe from known vulnerabilities to include updating applications and systems with security patches and code updates, applying appropriate virus protection, and testing changes before placing them into production environments.  
• Performs information control reviews to include system development standards, operating procedures, system security, programming controls, communication controls, backup and disaster recovery, and system maintenance. 
• Perform reviews of major incidents, major problems, and/or changes, as per assigned processes 
• Maintains current knowledge with respect to relevant state-of-the-art technology, equipment, systems, and/or security awareness.  
• Develop the company’s IT policies, plans, and procedures in line with COBIT 5, ISO27001, and supporting organizational structures to ensure an acceptable level of assurance.  
• Manage changes to configuration items to maximize business benefit while minimizing risk  
• Take part in all proposed major change and ensure concerned parties are aware of planned changes  
• Ensure IT strategy is documented and refreshed in line with business needs and IT governance best practice.  
• Stay informed of all IT risks before they are highlighted by audit and/ or third parties. Ensure closure of open audit items. 
• Identify potential threats to the confidentiality, integrity, and availability of the company’s systems and network.  
• Evaluate the organization’s business continuity plan (BCP), including alignment of the IT disaster recovery plan (DRP) with the BCP, to determine the organization’s ability to continue essential business operations during the period of an IT disruption.  

Requirements

• A good university degree or equivalent in Information Technology or related discipline. M.Sc. or MBA will be an added advantage 
• Not less than 3 years of hands-on experience in a related field 
• Knowledge of policy and regulatory environment of Information Security (3 – 5 years)  
• Information security certifications, such as CISSP, CISM, CCNA, or equivalent preferred. Information systems auditing certification such as CISA or Cobit 5 is highly desirable. 
• Knowledge of programming languages such as JavaScript, CSS, C++, Python, PHP, C#, etc is a plus 
• Experience with development and administration of risk assessments and review 
• Experience with security Incidence Response and Recovery.  
• Experience with Vulnerability Management and Patch Management 

Skills Requirements:

• Proven leadership skills 
• Strong Communication and Interpersonal Skills 
• Ability to build and maintain a positive relationship with colleagues 
• Strong Analytical and Planning Skills 
• Proven Strategy capability and ability to write clearly and Concisely 
• Multi-Tasking Skills 

Application Closing Date
5th July, 2021.