Welcome, Guest: Register On Nairaland / LOGIN! / Trending / Recent / New
Stats: 3,215,608 members, 8,026,488 topics. Date: Wednesday, 11 December 2024 at 04:37 PM

Job Vacancy - Chief Information Security Officer (ciso) At Ave Maria Mfb - Jobs/Vacancies - Nairaland

Nairaland Forum / Nairaland / General / Jobs/Vacancies / Job Vacancy - Chief Information Security Officer (ciso) At Ave Maria Mfb (218 Views)

Job Vacancy At Ave Maria Multipurpose Invest Ltd And Ave Maria Microfinance Bank / Recruitment At Ave Maria Microfinance Bank Limited (MFB&MFI) / Recruitment At Ave Maria Microfinance Bank (2) (3) (4)

(1) (Reply)

Job Vacancy - Chief Information Security Officer (ciso) At Ave Maria Mfb by kennyshine123: 4:41pm On Dec 27, 2023
RECRUITMENT AT AVE MARIA MICROFINANCE BANK LIMITED

We are recruiting to fill the position below:

Job Title: Chief Information Security Officer (CISO)

• Location: Oyo (Oyo State).
• Role: Chief Information Security Officer (CISO)
• Full Time

Job Profile

• The Chief Information Security Officer is responsible for the organization's Security Program including but not limited to daily operations of the IT security program, oversight of the annual and ongoing risk assessment process, development, implementation, and maintenance of policies and procedures, ensuring the confidentiality, integrity and access of electronic protected information and of monitoring program compliance as well as investigation and tracking of incidents and breaches and in compliance with federal and state laws.
Duties and Responsibilities.
• Builds a strategic and comprehensive information security program that defines, develops, maintains and implements policies and processes that enable consistent, effective information security practices which minimize risk and ensure the integrity, confidentiality and availability of information that is owned, controlled and processed within the organization. Ensures information security policies, standards, and procedures are up-to-date.
• Initiates, facilitates, and promotes activities to foster information security awareness within the organization.
• Creates a culture of cyber security both with the IT organization and driving behavioral changes for the business.
• Evaluates security trends, evolving threats, risks and vulnerabilities and applies tools to mitigate risk as necessary.
• Ensure that the disaster recovery, business continuity, risk management and access controls needs of the facility are addressed.
• Ensures the institution/organization complies with the administrative, technical and physical safeguards.
• Collaborates with organization senior management, and Compliance officer to establish governance for the security program.
• Serves in a leadership role for security compliance.
• Works closely with compliance to ensure alignment between security and privacy compliance programs including policies, practices and investigations.
• Is responsible for initial and periodic information security risk assessment/analysis, mitigation and remediation. Responsible for development and implementation of security risk management plan.
• Ensure organization has audit controls to monitor activity on electronic systems that contain or use electronic protected information.
• Ensure the organization has and maintains appropriate system use and disclosure / confidentiality statement.
• Assists as needed with breach determination and notification processes under applicable State breach rules and requirements.
• Establishes and administers a process for investigating and acting on security incidents, which may result in a privacy breach breaches.
• Manages security incidents and events involving electronic protected information, identified vulnerabilities, and remediates any security gaps in line with the security incident management procedure.
• Partners with Human Resources and compliance to ensure consistent sanctions for security violations.
• Serves as information security consultant to all departments for all data security related issues.
• Oversee periodic monitoring and reviewing of audit records to ensure that activity is appropriate. Such activity would include, but is not limited to, logons and logoffs, file accesses, updates, edits and printing.
• Leads vulnerability assessment and penetration testing on a periodic basis.
• Monitors and implements remediation actions resulting from vulnerability assessment, Pentests and external 3rd party security risk assessments.
• As subject matter expert on the team, maintain understanding of current technology, database management, programming practices, and future trends through ongoing education, conference attendance and industry press.
• Maintains current knowledge of applicable federal and state security laws, licensing and certification requirements and accreditation standards.
• Coordinate with external sources for threat intelligence relevant for OPEC Fund and initiate remedial actions.
• Coordinate with national cyber security agencies and forums.
• Contributes to the drafting of policies, procedures, and related guidelines within an area of expertise to meet defined key principles and ensure compliance with external requirements.
• Oversees, develops and/or delivers initial and ongoing security training to the workforce. Initiates, facilitates and promotes activities to foster information security awareness within the organization and related entities.
• Maintains and renews a deep knowledge and understanding of the organization’s policies and procedures and of relevant regulatory codes and codes of conduct, and ensures own work adheres to required standards.
• Identifies patterns of non-compliance with the organization’s policies and procedures, and with relevant regulatory codes and codes of conduct, taking appropriate action to report and resolve these and escalating issues as appropriate.
• Coordinates major cross-departmental activities related to cyber security.
• Leads corporate level incident response.
• Ensure external vendors are compliant and conduct periodic vendor risk assessments.
• Coordinate SWIFT customer security assessment and annual attestation to SWIFT.
• Maintains good relations/ contact with external partners/ consultants to acquire goods, services and support, and with other OPEC Fund departments/ units to ensure satisfaction and efficiency.
• Deals with authorized IT consultants hired by the OPEC Fund on the subject of consultancy projects and problem solution, on an on-going basis.
• Deals with all the Fund’s departments/ units on the subject of IT services and consultation, on an on-going basis.
• Carries out other tasks/ duties assigned by the supervisor that are related to the job function.
Qualifications and Experience
• Degree in Computer Programming, Security field or respective studies.
• CISSP/ISO 27K/NIST Certification.
• A minimum of 5 years of relevant professional experience.
• Preferably at least 3-5 years at an institution.
• Fluent in English. Good working knowledge of French, Arabic, German or Spanish is an added advantage.

Competencies:
• Demonstrable strategic orientation and critical thinking skills. He/she must generate valuable insight regarding external issues such as shifts in threats and countermeasures and internal matters such as business implications of information security policies and protocols.
• Familiarity with relevant software, including SAP ERP, SWIFT, Treasury Management Systems and Bloomberg’s information and trading platforms.
• Demonstrable project management skills.
• Must understand, develop, and define network security architectures.
• Excellent understanding of protocols that can manage firewalls, intrusion discovery, and intrusion prevention.
• Excellent experience with computer networking components, including DDoS and DoS mitigation approach, DNS, authentication, TCP/IP, and VPN proxy services.
• Demonstrable ability to work in an international multi-cultural environment, with sensitivity and respect for diversity.

Method of Application

Interested and qualified candidates should send their CV and Cover Letter to: recruitment@avemariamfb.com using the "Job Title" as the subject of the email.

Application Closing Date
20th January, 2024.

(1) (Reply)

Opportunity To Make Money Online / Job Opening: Administrative Assistant in ABUJA / Accommodation Problem.

(Go Up)

Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health
religion celebs tv-movies music-radio literature webmasters programming techmarket

Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10)

Nairaland - Copyright © 2005 - 2024 Oluwaseun Osewa. All rights reserved. See How To Advertise. 16
Disclaimer: Every Nairaland member is solely responsible for anything that he/she posts or uploads on Nairaland.