Information Technology Officer at ipNX Nigeria Limited

ipNX Nigeria Limited is one of Nigeria’s fastest growing Information and Communications Technology companies. In our business, we connect everything - people, information, and services. We are specialized in network connectivity, and delivery of internet, telephony, television as well as cloud-based software application services to corporate and residential customers.

We are recruiting to fill the position below:

Job Title: Information Technology Officer

Location: Lagos

About the Job

• This position is responsible for identifying, evaluating, and reporting on cyber security risks, developing a set of security standards and best practices for the organisation, monitoring networks and systems for security breaches and intrusions, leading technical and forensic investigations, managing the Deluxe vulnerability and penetration testing programs, and providing and implementing recommendations for security enhancements to management teams as needed.

Responsibilities

• Responsible for oversight of the IPNX Cyber Security systems and processes, overseeing
• the IT General Controls related to firewalls, system access, data leakage protection, patching, encryption, vulnerability scanning, penetration testing, data protection, Phishing protection.
• Monitor all operations and infrastructure for Cyber risks and establishmonitor alerts and log
• Provide support to ensure security controls are designed and implemented appropriately appropriately to protect the security, confidentiality, privacy, integrity and availability of data in compliance with organisation policies and standards.
• Deploy security solutions in IPNX private cloud services to customers.
• Build and deliver systems to identify potential security incidents and serve as subject matter expert on escalated incident
• Primary Escalation for all Critical/Major incidents following Incident management processes.
• Report unresolved security exposures, misuse of resources, and noncompliance situations using defined escalation processes
• Create and maintain reporting and documentation for security systems and procedures
• Develop
• and demonstrate subject matter expertise on all security technologies and keep abreast of emerging security support technologies and industry trends.
• Investigate and resolve security violations by providing post-mortem analysis to illuminate the issue, and identify causes, possible solutions, and preventative measures
• Manage escalated Security Incidents from a people and process perspective.
• Analyse security logs and investigate network and server security violations and intrusions.
• Own the Vulnerability Management end to end process and ensure remediation and closure of all exceptions.
• Perform application and web-based security vulnerability assessments and penetration tests in accordance with industry accepted methods, protocols, and tools
• Conduct vulnerability analysis and create impact assessments
• Develop detailed work plans, schedules, resource plans for recurring vulnerability and penetration assessments
• Collate conclusions and recommendations.
• Identify and communicate current and emerging information security threats
• Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvements.
• Support internal security audits, liaise with the group risk and internal control teams to provide enterprise cyber security risk posture and Cyber security resilience reports.
• Report audit findings, including corrective action suggestions
• Conducts follow up remediation and track findings from previous audits through to closure
• Conduct Cyber security education and awareness training events for users and management.
• Arrange and conduct security assurance reviews and assessment, present quarterly reports to stakeholders.
• Work closely together with technical architects to produce design specifications according to information security policies, while fulfilling business needs.
• Conduct regular security audits on role-based access to IPNX systems and data.
• Conduct risk assessment of vulnerability reports and impact risks to service.

Educational Qualifications & Functional Skills

• University Degree in Computer Science, Information Technology, Management Information System, or related field.
• Post Graduate degree (MBA, M.Sc., etc.) an added advantage
• In-depth knowledge of Linux, Unix operating systems Kali Linux experience
• Experience writing cyber security policies, procedures, standards and baselines
• Excellent documentation skills.

Work Experience:

• 5+ years’ experience with the development, deployment, management and automation of security solutions in an enterprise (cloud and on-premise) environments.
• Professional certification: Security certification of one or more of the following: CISSP, CRISC, CCSP, CISM, CISA, CEH, CCNP security.
• High degree of professionalism, work ethic, integrity and passion for Information Technology and Security.
• Practical and deep knowledge of security risk management methodologies and frameworks.
• Experience with cloud and SaaS technologies and zero-trust security are highly desirable
• Deep knowledge and experience with vulnerability management and penetration testing systems;Familiarity with latest security vulnerabilities, advisories, incidents, penetration techniques, attack vectors, and countermeasures.
• Knowledge of network based, system level, and application layer attacks and mitigation methods.
• Experience extracting pertinent security data from monitoring solutions and audit logs, and reports.
• Experience in variety of security technologies and architectures, such as MFA, VPN, DLP, SIEM, privileged access management, network security, data security, cryptography, micro segmentation, software-defined networks.
• Experience with enterprise security platforms and architectural design. Strong preference to candidates with proven (Cloud Computing security experience).
• Strong understanding of cyber security concepts, protocols, industry best practices, strategies, frameworks and regulations such as ISO 27001,NIST Cybersecurity Framework, Payment Card, Industry Data Security Standard (PCI DSS),Sarbanes-Oxley (SOX).
• Understanding of the Software Development Life Cycle and Development Operations (DevOps) principles.

Other Requirements:

• Customer Focus
• Tech savvy
• Action orientation
• Drive results
• Cultivate Innovation
• Ability to optimize work processes
• Resilience
• Self-Development
• Nimble Learning
• Ensures Accountability.

Application Closing Date
Not Specified.