Skill Enhancement Centre (SENCE) Limited- We are a Business Consultancy firm focused on small/medium businesses. Our goal is to provide our clients with the support they need to grow their businesses by providing them with value -added and convenient services in a friendly atmosphere.
Our Client - A leading and established Information Communications and Technology Services company is desirous of recruiting persons to fill the position below:
Job Position: Information Security Officer
Job I.D: 11
Location: Lagos
Job Description
- The Information Security Officer (ISO) is responsible for the development and delivery of a comprehensive information security and privacy program. The scope of this program is company-wide, and includes information in electronic, print and other formats.
- The purposes of this program include: to assure that information created, acquired or maintained by the company and its authorized users, is used in accordance with its intended purpose; to protect the company's information and its infrastructure from external or internal threats; and to assure that the company complies with statutory and regulatory requirements regarding information access, security and privacy.
Duties and Responsibilities
The role has been broken down as follows;
- Coordinate the development of the company's information security policies, standards and procedures.
- Work with key IT offices, data custodians and governance groups in the development of such policies.
- Ensure that the company's policies, support compliance with external requirements.
- Oversee the dissemination of policies, standards and procedures to the office community.
Education and Training:
- Coordinate the development and delivery of an education and training program on information security and privacy matters for employees, other authorized users, and students.
- Compliance and Enforcement
- Serve as the company's compliance officer with respect to the Company, State and Federal Information Security policies and regulations.
- Prepare and submit required reports to external agencies.
Incident Response:
- Develop and implement an Incident Reporting and Response System to address the company's security incidents (breaches).
- Respond to alleged policy violations, or complaints from external parties.
- Serve as the official company's contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities.
Risk Assessment and Incident Prevention:
- Develop and implement an ongoing risk assessment program targeting information security and privacy matters.
- Recommend methods for vulnerability detection and remediation, and oversee vulnerability testing.
Official Contact:
- Act as the official contact representing the company on Information Security matters; serve as the office contact point for external auditors and agencies, survey requests, etc on security/privacy matters.
- Maintain Knowledgebase - Keep abreast of latest security and privacy legislation, regulations, advisories, alerts and vulnerabilities pertaining to the company and its mission.
- Emergency Preparedness - Take part in company's Disaster Recovery Planning.
Qualifications and Skills
- Bachelor's degree in a related field required. Advanced degree preferred.
- Minimum 7 years of experience in Information Security, Information Technology or related field.
- Experience in developing and administering an information security program essential.
- Excellent policy development, program administration and compliance/incident response experience.
- Very good knowledge of the regulatory environment of information security is essential.
- Excellent project management.
- Written and oral communications skills.
- Ability to work collaboratively with a broad range of constituencies essential
- A demonstrated ability to work with diverse groups of people is required.
Application Closing Date
17th October, 2013
How to Apply
Interested and qualified candidates should:
Click here to apply online