AB Microfinance Bank is a national microfinance bank licensed by the Central Bank of Nigeria (CBN), with its head office in Lagos and branches spread across Lagos, Oyo, Ogun, Ondo, Abia, Anambra, Delta, Enugu and Rivers State.
AB Microfinance Bank Nigeria is committed to its passion of helping to improve the business opportunities of entrepreneurs by availing them of easy access to affordable loans, as well as improve the general financial status of everyone with its deposit accounts. It is a limited liability company duly incorporated in Nigeria under the 2002 Companies and Allied Matters Act, and is regulated by the Central Bank of Nigeria as a fully-fledged microfinance bank.
The Bank has an exceptional group of very strong international shareholders committed to the task of improving access to financial services in the country. These shareholders are Access Microfinance Holding AG of Germany, KfW - the German Development Bank, the African Development Bank, and the International Finance Corporation of the World Bank Group. Together, they have an established record of setting up and managing microfinance banks across the African and Asian continents in such countries as Nigeria, Tanzania, Liberia, Zambia, Rwanda, Madagascar, Azerbaijan, Tajikistan, Georgia and Brazil.
Job Summary
- The Lead Information Security is responsible for ensuring that information-related risks are kept at a minimum by making sure that controls are executed with quality and integrity, that all staff are aware of and comply with information security policies, and that non-compliance and other information security incidents detected are properly documented, investigated and addressed with appropriate corrective and preventive measures, under guidance from the line supervisor.
- The Lead Information Security will also serve as Data Protection Officer (DPO). As DPO, he/she will be responsible for overseeing the organization’s data protection strategy and implementation, and will ensure that the organization complies with the Nigeria Data Protection Act (NDPA)/Regulation (NDPR) and other related regulatory requirements. He/she will also manage the Integrated Management System (IMS), ensuring implementation of and compliance with the relevant ISO standards in the IMS.
Main Tasks and Responsibilities
- InfoSec Risk Control: Advise on InfoSec related risks associated with operational practices in general and introduction of new Software and Hardware in detail and define requirements for risk control.
- Continuously review and modify as applicable information security practices and procedures.
- Assist in the Risk Assessment process to include asset inventory, system criticality, and data classification, threat analysis and action plans.
- Drive implementation of essential elements of the NDPR and ensure compliance with the requirements of the Regulation and other related regulatory requirements.
- Lead the development and maintenance of ABN data protection framework and Integrated Management System, developing and driving a data protection and information security culture through awareness, training, and providing advice at all levels – up to and including the Board.
- Create and maintain robust policies and procedures and communicate effectively to the business; and input into relevant policies and procedures developed by other business functions.
- Provide advice regarding Data Protection Impact Assessments.
- Monitoring & Analysis: Design and implement controls to help monitor the day-to-day quality and accuracy of implementation of Information Security Policies and processes. Analyse gaps between should-be and as-is, applying the Plan-Do-Act-Adjust Cycle, and ensure overall quality of control outcomes as executed by team members.
- Under guidance from the line supervisor, ensure that information security is enforced across the IT department and at large in the bank.
- Report Information Systems incidents to the management and the group’s information security office, ensure up-to-date documentation exists for the same, and indicate disciplinary measures taken for non-compliance.
- Coordinate the capture of Information Systems key indicator metrics for reporting to the Management.
Qualifications, Necessary Experience and Knowledge
- At least a Bachelor’s Degree in Computer Engineering, Information Technology, Business Information Technology, Business Administration + Banking
- Minimum of five years’ experience in information security and data protection, preferably in the banking sector.
- Professional certifications such as CISSP, CISM, or equivalent are highly desirable
- Strong working knowledge related to Network Connectivity, Infrastructure, Operating Systems, Architecture Security, Production Support and Application Management.
- Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
- Project management experience highly desired
- Ability to manage multiple complex priorities and competing agendas without express authority over delivery teams
- Ability to interpret and apply policies and regulations across a large, complex business
- Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
- High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions.
- Proven experience in risk management, incident response, and security operations.