Information Security Governance Officer at Providus Bank Plc

Providus Bank Plc is a Personal and Private commercial bank in Nigeria with strength in IT infrastructure and digital channels to support fin-techs and businesses.

We are recruiting to fill the position below:

Job Title: Information Security Governance Officer

Location: Lagos
Employment Type: Full-time

Job Summary

• The security governance team establishes and oversees the bank’s security strategy and compliance approach to information security requirements.
• Includes responsibility security policies and practices for conformance with mandatory legislation and regulations; strategic security plans for the technology to enable the organization's business strategy; transparent decision making, leading to the justification for investment, with the appropriate balance between stakeholder benefits, opportunities, costs, and risks.

Responsibilities
Principal Duties:

• Policies, Standards and Compliance
• Risk Assessment

Responsibilities
Policies, Standards and Compliance:

• Review security policies, standards, and baselines for cyber security controls.
• Review Cybersecurity strategies and track strategic initiatives.
• Work with the relevant teams to ensure adequate compliance with defined policies, standards and baselines.
• Conduct regular reviews to ensure that policies, standards and baselines are up-to-date and are aligned with business requirements.
• Conduct information security awareness program for customers, staff/contractors.
• Ensure the bank’s continuous compliance with relevant regulatory requirements and applicable global standards such as Data Protection, ISO 27001, PCI DSS, ISO 22301, and other implemented best practices.
• Carry out performance reviews of the Information security management system.
• Work with the relevant teams to ensure compliance with the established policies.

Risk Assessment:

• Conduct periodic risk assessments of information assets, IT processes and banking products to ascertain the level of risk exposure.
• Review security configuration of IT assets to ensure compliance with leading practice.
• Perform periodic reviews of IT and cyber security functions to ensure compliance with the Bank’s standard operating procedures.
• Work with the relevant teams to track the remediation of identified gaps

Requirements

• Degree in Computer Science or any relevant information systems discipline.
• Knowledge of security standards and good practices, e.g., ISO 27001, PCI-DSS, NDPR
• Minimum of five years’ experience working with any of the above standards.
• Must possess at least two of the following: CISM, ISO 27001, PCI-ISA, CDPSE, and ISO 22301, and other relevant certifications.
• Previous industry experience in the governance, risk and compliance
• Expert knowledge of information/cyber security standards: NIST, CIS, ISO Standards for information security, PCI DSS, and industry standards.

Application Closing Date
Not Specified.