Information Security Officer at AB Microfinance Bank Nigeria

AB Microfinance Bank is a national microfinance bank licensed by the Central Bank of Nigeria (CBN), with its head office in Lagos and branches spread across Lagos, Oyo, Ogun, Ondo and Anambra State.

AB Microfinance Bank Nigeria is committed to its passion of helping to improve the business opportunities of entrepreneurs by availing them of easy access to affordable loans, as well as improve the general financial status of everyone with its deposit accounts. It is a limited liability company duly incorporated in Nigeria under the 2002 Companies and Allied Matters Act, and is regulated by the Central Bank of Nigeria as a fully fledged microfinance bank.

The Bank has an exceptional group of very strong international shareholders committed to the task of improving access to financial services in the country. These shareholders are Access Microfinance Holding AG of Germany, KfW - the German Development Bank, the African Development Bank, and the International Finance Corporation of the World Bank Group. Together, they have an established record of setting up and managing microfinance banks across the African and Asian continents in such countries as Nigeria, Tanzania, Liberia, Zambia, Rwanda, Madagascar, Azerbaijan, Tajikistan,Georgia and Brazil.

We are recruiting to fill the position below:

Job Title: Information Security Officer

Job Ref Code: IT/INFOSEC/JAN/2025
Location: Ikeja, Lagos
Employment Type: Full-time

Job Summary

• The Information Security Officer (ISO) is responsible for developing, implementing, and maintaining a robust information security framework to protect the bank's digital assets, systems, and customer data from internal and external threats.
• The role involves ensuring compliance with regulatory requirements, identifying security risks, and implementing measures to mitigate them while supporting the bank’s IT operations and objectives.

Main Responsibilities

• Develop, implement, and maintain information security policies, procedures, and standards aligned with industry best practices and regulatory requirements
• Conduct regular risk assessments and vulnerability scans to identify potential security threats and vulnerabilities
• Design and implement security controls to mitigate identified risks and protect organizational assets
• Monitor and analyze security events and incidents, leading incident response efforts when necessary
• Manage the organization's security awareness program, providing training and guidance to employees on security best practices
• Collaborate with IT teams to ensure the secure configuration and maintenance of network infrastructure, systems, and applications
• Stay up-to-date with emerging cybersecurity threats and trends, recommending and implementing appropriate countermeasures
• Ensure compliance with relevant data protection laws and regulations, including Nigerian data protection requirements
• Perform regular security audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement
• Manage relationships with external security vendors and service providers

Necessary Experience and Requirements

• B.Sc / HND in Computer Science or related discipline with cognate experience.
• Minimum of 4 years’ experience working in related environment with a variety of technology and security solutions.
• Ability to perform vulnerability assessments, compliance audits, penetration testing, and the experience is an asset.
• Technical knowledge of state-of-the art Technology and Cybersecurity tools, demonstrable passion for information security and data privacy, strong focus on compliance.
• Understanding of the financial sector business processes and related technology, security is an asset.
• Good knowledge of ISO27001 security control and information security management
• Good understanding of operational risks and security in a financial sector
• Excellent analytical and problem-solving skills including the ability to define problems, collect data, establish facts and draw valid conclusion.

Desired experience and knowledge:

• Relevant certifications such as CompTIA Security+, CEH and ISO 27001 Lead Implementer or information security related certification would be an advantage
• Prior working experience with financial systems and solutions (e.g., core banking system) and Enterprise infrastructure.
• Background in the financial sector (banking, microfinance, insurance, etc.) or technology industry (telecommunication, managed services, etc.) or technology and cybersecurity/information security similar sector.

Personal Attributes:

• Highly motivated and a team-player with a strong development potential.
• Strong ethical conduct, honesty, and integrity
• Ability to adapt to changing environments and priorities.

Application Closing Date
22nd January, 2025.

Method of Application
Interested and qualified candidates should:
Click here to apply online