PricewaterhouseCooper (PwC) Nigeria has been operating in Nigeria since 1953 through its predecessor firms of Coopers & Lybrand and Price Waterhouse. We're one of the leading professional services firms in the country with offices in Lagos, Abuja and Port Harcourt, over 1000 staff and 31 resident partners.
We are recruiting to fill the position below:
Job Title: Information Protection Analyst
Job ID: 228982WD Location: Lagos
Job type: Full time
Line of Service: Internal Firm Services
Specialism: IFS - Information Technology (IT)
Management Level: Associate
Job Description & Summary
A career in Information Technology, within Internal Firm Services, will provide you with the opportunity to support our core business functions by deploying applications that enable our people to work more efficiently and deliver the highest levels of service to our clients.
Data protection & Privacy Support:
Identify, document and evaluate the company’s data processing activities to create/maintain personal data inventory.
Provide Support during NDPR compliance audit
Work with key internal stakeholders in the review of projects and related data to ensure compliance with local data protection regulations, conduct data privacy risk assessment (DPRA) and where necessary, complete and advise on data privacy impact assessment (DPIA).
Develop and deliver data protection & privacy training to various business functions to raise employee awareness of data privacy and security issues,
Attend and provide regular/ ongoing data protection, information security and privacy training
Work with the firm’s Data Protection Office to deliver on data protection expectations’ Responding to client’s data protection request, monitoring for new data protection regulation / guidelines from regulatory bodies locally and globally
Participate and support with information protection Team meetings
Assist with Data subject Requests resolution
Process and Policy Documentation:
This is an annual process but during the year some changes may take place more than once. Tasks include:
Follow up with teammates as regards updates/review of process and local policy documentations.
Ensure the updates or modifications made to the various process documentation are reviewed with the Unit Leads and by the IT Country Head
Ensure that all IT policies and procedures are compliant with regulatory requirements
Follow up with the Country Operations Partner for approval of the revised process/policy documents
Ensure the dates for the various updates/reviews are accurately implemented on the various documentation
Upload these documents to the specified repository and ensure they are available when needed and accessible when required
Assist the IT country Head in delivering weekly operational / activity reports to Leadership
Business Continuity and incident Management:
Create a schedule for the disaster recovery exercises for the servers and links. This exercise could be quarterly or monthly depending on the application or links as stated in the SLA.
Ensure the various exercises are carried out as at when due. And also ensure proper follow up with team members
Anchor and Document the Disaster Recovery (DR) exercises/tests when they take place
Generate a report from the DR exercise/test, review with the country manager and ensure all participants at the DR exercise/test signs off.
Collaborate with Risk and Quality team on Business Continuity activity, including submitting a copy of the report to R&Q, upload a copy on the appropriate repository and file the hard copy
Ensure these reports and available when required and accessible by relevant stakeholders
Maintain a current hard copy of these policy documents are kept in a fireproof cabinet
Ensure all related incidents, breaches and violations are properly documented, remediated, closed and reviewed for future learning.
Ensure the incident reports and available when required and accessible by relevant stakeholders
Participate in post incident review to identify lessons learnt
Attend and support the incident management Team
Participate in all technology related internal / external audits e.g. FY ISP audit, ISO recertification audits, etc.
Requirements
First Degree (Minimum of Second-Class Upper Division) in Computer Science and Computer related disciplines
Training in Data or information protection / security field
Certification in any data or information protection / security field
Core Skills:
Minimum of 1-year IT experience.
Must have an in-depth knowledge of established computer-industry security procedures for multiple computer platforms
In-depth experience with windows operating systems
Knowledge of the enterprise application systems, disaster recovery processes, Business Impact Analysis, business continuity planning, etc
IT Audit experience (if possible)
Document/process management experience
Generic Skills:
Good written and oral communication ability
Action planning, Motivating, Analytical mind and strong problem-solving capabilities
Ability to work independently in a highly dynamic environment and work under intense pressure.
Strong interpersonal and communication skills
Ability to solve problems quickly and completely
Ability to train PwC users on use of computer software and hardware in both office and classroom situations
Good analytical skills
Ability to work alone with less supervision and as a team member