Vacancy For Manager, IT Risk & Compliance at IHS Towers, 27th May, 2019

IHS, the largest independent tower company in the EMEA Region, are currently recruiting for a Technical Procurement Manager. In this role, you liaise with key internal customers across the Technical function to determine product and service needs while managing stakeholder relationships, monitoring business trends, and sourcing new products and services to help achieve business goals. We are recruiting to fill the position below:     Job Title: Manager, IT Risk & Compliance Location: Lagos Job Description

• We are currently recruiting for a Manager, IT Risk & Compliance. In this role, you will be responsible for establishing an acceptable IT risk profile for the business and promoting adherence to information risk standards and procedures while ensuring that the company's systems are protected from internal and external threats and end-to-end security (frontline to back-end/ data centre) is maintained.

• Liaise with Enterprise Risk, Internal Audit, and other relevant functions across the business to ensure that all risk registers and compliance-related documentation are up to date in line with the overall enterprise risk management approach.
• Conduct continuous risk assessments and business impact analyses for new and existing solutions.
• Stay informed of all IT risks before they are highlighted by Audit or 3rd-parties. Ensure closure of open audit items. Aggregate information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically.
• Identify potential threats to the confidentiality, integrity, and availability of the company’s systems and network.
• Identify and architect appropriate security technologies based on risks, policies and architecture. Support IT Architecture Review process and evaluate associated security of the proposed architectures.
• Perform other functions as assigned by the Senior Manager, IT Security.
• Provide inputs towards developing the company’s IT risk policies, plans and procedures, as well as supporting organizational structures, to ensure an acceptable level of assurance.
• Ensure all policies and procedures are documented, easily accessible, and adhered to.
• Build awareness of new and evolving IT risks across the business and implement appropriate systems and processes which ensure that information risks are detected early and proactively managed with timely remediation when undesired events occur.
• Contribute towards establishing credible risk governance, promoting an integrated risk management mindset at all levels, and promoting an execution approach which appropriately prioritizes actions based on business impact.
• Lead the identification of Key Risk Indicators (KRIs) across the business based on up-to-date situational analyses and trends and drive effective risk oversight by providing timely and relevant information on KRIs.
• Plan and execute quarterly IT General Control (ITGC) audits, complete with detailed findings and remediation follow-ups. Perform SOX ITGC audits.
• Implement ISO27001.

• Customer Focus
• Innovation
• Integrity
• Be Bold

• IT Security Administration
• IT Policies, Procedures & Standards
• IT Operations
• Incident Management
• SOX Compliance
• Risk Assessments
• Security Assessments
• Security Monitoring & Reporting
• Continuity & Disaster Recovery
• General Management
• Business Communication

• Analytical Thinking
• Continuous Learning
• Collaboration & Teamwork

• Thorough understanding of the latest security principles, techniques, and protocols.
• Demonstrable familiarity with web-related technologies (web applications, web services, service-oriented architectures), and network/ web-related protocols.
• Bachelor’s and/ or Advanced degree in Computer Science or any related disciplines.
• +9-10 years’ relevant experience in Information Security, IT Audit and Risk
• Hands-on experience in security systems review, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Demonstrable experience with network security and networking technologies as well with systems, security, and network monitoring tools.