Company Info
Since our establishment in the late 1950s, Greenwich Registrars & Data Solutions Limited has grown into a prominent entity with a diverse client base that includes prominent Nigerian corporations and multinational subsidiaries. Our primary role is to act as an intermediary, facilitating communication between our clients and their shareholders. We offer comprehensive share registration and data management services to meet the needs of our clients.
Title: Chief Information Security Officer
Location: Lagos
Job Type: Full Time
Job Objective
- To ensure adequate controls exist around the information assets of the organisation, giving assurance of the confidentiality, integrity and availability of the information system.
Duties & Responsibilities
- Communicate the information security policy to all relevant personnel and customers where appropriate.
- Coordinate the implementation of approved information security strategies, programs, and initiatives.
- Implement the requirements of the information security policy.
- Perform periodic information security risk assessments and develop risk treatment plans to address all key risks evaluated.
- Ensure that security controls are documented.
- Quantify and monitor the types, volumes, and impacts of security incidents and malfunctions.
- Monitor achievement against targets.
- Establish and maintain a continual improvement action list.
- Report on improvement activities.
- Ensure that procedures are in place to define the recording, prioritization, business impact, classification, updating, escalation, resolution, and formal closure of all security incidents.
- Ensure that all staff involved in incident management shall have access to relevant information such as known errors, problem resolutions, and the incident management helpdesk.
- Arrange and attend service review meetings on a regular basis.
- Actively seek standardization and automation, apply and implement best practices for managing systems controls and deploy innovative technology where possible to enhance and continuously improve the design and operating effectiveness of the controls, documentation, assessment and review procedures.
- Actively engage with external consultants during Enterprise-Wide Vulnerability Assessment and Penetration Testing (VAPT) and other IT audit engagements.
- Perform risk assessment: analyze current risks and identify potential risks that affect the information system of the company.
- Ensure that controls that meet business requirements are embedded at all levels of system development/acquisition life cycle (SDLC)
- Ensure that changes within the organization are controlled to meet the business requirements of the organization
- Ensure segregation of duties in all business systems and IT infrastructure by enforcing maker-checker controls for greater accountability
- Coordinate and collaborate with various departments within the organization to formulate, implement and disseminate company-wide policies and standards ensuring confidentiality, integrity and availability of information assets.
- Compile database access control requirements and procedures, and monitor compliance with them.
- Support Internal Auditors, Internal Control and Financial Control Team with their daily review on Accounts/Transactions.
- Create scheduled jobs for monitoring GRDS’s daily processes using Oracle and ACL.
- Develop Scripts/SQL queries for generating EOD/EOM/EOY reports.
- Application Testing, API Testing (Swagger, Postman, Azure Microservices etc.)
- Perform daily application server checks for unapproved changes and their potential impact on security, capacity, release management and service continuity plans.
- Ensuring that controls are implemented to mitigate market, credit, operational and other variants of risk that the institution may be exposed to.
- Coordinate with business units to implement controls considered adequate to mitigate risk
- Coordinate with business units in the implementation of Risk and Control Self-Assessment (RCSA) and preparation of a risk register that covers all risks that the institution is exposed to
- Follow up with the business units on outstanding action items regarding controls noted during the RCSA and in the risk register
- Monitor key risk indicators for all business units and prepare a quarterly report.
- Establish procedures for timely identification of emerging risks that may affect the business.
- Any other duties as required by the Head, Risk and Internal Control.
Key Skills and Competence
- Degree in Computer Science / Engineering from a reputable University
- 3 years and above of experience in Information Security
- Good understanding of ISO 27001 control requirements and the process for conducting risk assessments and identifying treatment options.
Certification:
- ISO 27001 Lead Implementer / ISO 27032 – Lead Cyber Security Manager/CISA/CISM.
Deadline: Not Specified.
How to Apply: Interested and qualified candidates should send their CV to: [email protected] using the Job Title as the subject of the mail.