Specialist, IT Risk Management At IHS Towers
Job Title: Specialist, IT Risk Management
Location: Lagos, Nigeria
Job Description:
- We are currently recruiting for a Specialist, IT Risk Management who will assist in promoting adherence to information risk standards and procedures which protect the company’s systems from internal and external threats.
Key Roles & Responsibilities
- Provide inputs to design of the Information Risk Management (IRM) framework. Take responsibility for maintaining the framework, including refreshing and implementing an annual program.
- Build awareness of new and evolving risks across in-scope functions and IT.
- Lead the identification of key risk indicators (KRIs) for in-scope functions based on up-to-date situational analyses and trends. Provide relevant and timely information on KRIs for effective risk oversight.
- Develop action points to ensure that KRIs which exceed thresholds are reduced to an acceptable level.
- Perform annual IT risk and audit reviews in line with the approved annual plan.
- Provide second-line security and audit assurance for continuous improvement.
- Collaborate continuously with internal audit and other key internal stakeholders as part of the overall enterprise risk management framework.
- Contribute towards establishing credible risk governance, an integrated risk management mindset, and an execution approach which appropriately prioritizes action based on business impact.
- Implement appropriate systems and processes that ensure information risks are proactively managed and undesired events (when they occur) are detected and remedied early.
- Participate in the development of risk plans and procedures, as well as organizational structures, that provide an acceptable level of assurance in IT.
- Follow up on open audit and risk items to ensure closure.
- Manage the business continuity plan (BCP) for IT. Ensure continuous and regular validation and testing of documented/ approved BCP.
- Conduct continuous risk assessments for new and existing solutions.
- Aggregate information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically.
- Perform gap assessments using the COBIT process assessment model and follow up to ensure timely remediation of gaps and implementation of new IT processes.
- Review policies and develop processes and procedures that provide an acceptable level of assurance.
- Perform other tasks and duties as assigned by the Manager, IT Risk & Control.
Experience & Qualifications Required
- Bachelor’s Degree in Computer Science, Computer Engineering, Information Technology, or related disciplines.
- 5-6 years’ relevant work experience in Information Security, Risk Advisory, and IT Compliance.
- Professional certifications such as CISA, CRISC, ISO27001, ISO27005: Lead Risk Manager will be an asset.
- Demonstrable application of knowledge of defence in-depth, least privileges, need-to-know, separation of duties, access controls and encryption.
- Proven knowledge of risk management, information security, mobile core technologies and controls.
Organizational Competencies:
- Be Bold
- Customer Focus
- Innovation
- Integrity
Functional Competencies:
- IT Audit
- Vulnerability Management
- Business Continuity
- Risk Management
- ITIL
- ISO27001
- Problem Solving
Behavioural Competencies:
- Collaboration & Teamwork
APPLY NOW
Deadline: Expired