DelonJobs is seeking to hire a Lead, Security Governance, Risk and Compliance for a leading Insurance Company in Lagos, Nigeria.
The ideal candidate will be responsible for establishing an appropriate IT risk profile and promoting adherence to information risk standards and procedures, ensuring the company's systems are protected from internal and external threats, with end-to-end security maintained across all layers (from the frontline to the back-end and data centre).
Interested candidates must possess a minimum of a Bachelor’s degree in Computer Science or any related field, with at least 7 years’ relevant experience in Information Security, IT Audit and Risk.
Annual gross salary is between N10M and N13M.
Interested candidates should send their CVs with the subject “Lead, Security Governance, Risk and Compliance -SGCI251” to cv@delon.ng
Job Type: Full-time
Duties & Responsibilities:
- Responsible for assurance over enterprise security and security operations as well as operational compliance to all ISO and related standards and regulations.
- Lead the planning and execution of information security assurance, under the directives of the Chief Information Security Officer.
- Lead the creation and maintenance of information security policies, standards, & baselines
- Build awareness of new and evolving IT risks across the business and implement appropriate systems and processes which ensure that information risks are detected early and proactively managed with timely remediation when undesired events occur.
- Lead the identification of Key Risk Indicators (KRIs) across the business based on up-to-date situational analyses and trends and drive effective risk oversight by providing timely and relevant information on KRIs.
- Plan and execute quarterly Information Security audits, complete with detailed findings and remediation follow-ups.
- Implement and maintain compliance with relevant standards e.g. ISO27001, NIST, CIS, etc.
- Liaise with Risk Management, Internal Audit, and other relevant functions across the business to ensure that all risk registers and compliance-related documentation are up to date in line with the overall enterprise risk management approach.
- Conduct continuous risk assessments and business impact analyses for new and existing solutions.
- Stay informed of all IT risks before they are highlighted by Audit or 3rd-parties. Ensure closure of open audit items.
- Aggregate information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically.
- Prepare various reports for management decision making
- Perform other functions as assigned by the Chief Information Security Officer
- Manage subordinates’ performance and conduct formal appraisals