The Nigerian Stock Exchange, services the largest economy in Africa, and is championing the development of Africa's financial markets. The Exchange offers listing and trading services, licensing services, market data solutions, ancillary technology services, and more. It is an open, professional and vibrant exchange, connecting Nigeria, Africa and the world.
We are recruiting to fill the position below:
Job Title: Information Security Analyst
Location: Lagos
Division: CEO
Department: Information Security Department
Report to: Acting Chief Risk Officer
Grade: Info-Sec Analyst
Estimated Date of Resumption: Monday, March 18, 2019
Job Summary
- The Information Security Analyst reports to the Head of Information Security Department and is responsible for the design, implementation and maintenance of effective systems security solutions.
- S/he will also investigate and resolve identified systems security breaches, create comprehensive maintenance of information security policies, standards, guidelines and procedures and monitor for compliance in line with the organization’s IT security policy and applicable laws.
- Strategy & Planning: Lead the planning and design activities for the enterprise security architecture, under the directives of the Head, Information (Security) Risk Management; participate in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) in collaboration with other team heads in the Information Security Department and; provide leadership and work guidance to members of the Information Security team.
- Problem Solving: The post holder will be expected to work actively to achieve enterprise security goals within a set of resource constraints. Have the ability to think logically and analyse complex situations for effective, sometimes out of the box solutions and; work with all stakeholders to develop strategic solution options and delivery plans.
Key Responsibilities
- Monitor and advice on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended. Coordinate response to information security incidents
- Conduct data classification assessment and security audits and manage remediation plans Collaborate with IT management, the legal department, and other stakeholders to manage security vulnerabilities
- Participate in projects from outset, ensuring Information Security principles are built into the design and implementation from the outset Evaluate potential risks to The Exchange’s applications, network and operating systems and introduce countermeasures to address those risks. Create, manage and maintain user security awareness
- Identify vulnerabilities and monitor remediation Pro-actively take steps to avoid security breaches Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
- Identifies potential threats to the confidentiality, integrity & availability of the system and network Prepare IT security documentation, including information security policies, procedures, standards and guidelines based on compliance requirements and knowledge of best practices
- Responsible for developing and implementing key information security functions across the organization include architecture and design for NSE information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment and testing, monitoring and metrics, incident management, operational aspects of NSE’s data privacy program, and threat and vulnerability management
- Provide consulting and guidance on the remediation of vulnerabilities Define, implement, and maintain information security policies, standards and procedures
- Design, develop, or recommend integrated security system solutions that will ensure proprietary/confidential data and systems are protected Identify and architect appropriate security technologies based on risks, policies, and architecture
- Support IT Architecture Review process and evaluate associated security of the proposed architectures Perform other functions as assigned by the Line Manager.
Requirements, Qualification and Experience:
- A minimum Bachelor's degree in Science, Computer Science, Engineering discipline, Mathematics or Physics or any related discipline
- A minimum 5 years relevant experience with desktop, server and/or network administration
- Experience with IP networking, networking protocols, IPSec, VPN's, firewalls, proxy services, DNS, email, access lists.
- Experience using some or all of the following or similar information security technologies: Active Directory; Intrusion detection/prevention systems (IDS/IPS); Web filtering; Vulnerability scanners; Encryption technologies for data at rest and data in transit; Mobile device and removable media protection or management systems; Forensic analysis , Firewall, etc Experience within the Financial or Services sector will be a distinct advantage.
Functional Competencies:
- Project Management
- Threat Analysis
- Business Risk
Behavioural Competencies:
- Effective Communication Skills (Written & Oral)
- Leadership
- Strategic Thinking.
Application Closing Date
21st February, 2019.
How to Apply
Interested and qualified candidates should:
Click here to apply online