Cyber Security Governance & Risk Analyst at Korapay

Job Summary

• As a Cyber Security Governance & Risk Analyst at Korapay, you will be responsible for protecting the security of the organization’s information systems and data, by setting policies, monitoring compliance, and following defined procedures to identify, assess and manage risks from external and internal threats, all guided by the organization’s view of risk.
• This position is responsible for overseeing the risk management process and contributing to the resolution of complex issues by working with risk owners, general business managers, or colleagues in other departments such as Engineering, to manage policies and risks in the context of the organization’s high-level objectives and values.
• The ideal candidate has deep technical security knowledge and expertise and will help define and implement robust security architecture strategies, frameworks, and governance processes.

Requirements
Here are a couple of things you'll be doing:

• Perform risk assessment and recommend changes to procedures and systems to comply with global Information security standards
• Develop Policies and Procedures that guide and add to the overall effectiveness of information security across the enterprise.
• Provide an in-depth review of the organization’s ability to protect its information assets and its preparedness against cyber threats
• Ensure required Information Security policies and procedures are reviewed and updated in line with the Management System Standards
• Carry out technical security testing (including Vulnerability Assessment and Penetration Testing) and Security Assessments
• Perform static and dynamic code testing of internal web applications and external partner applications to identify vulnerabilities and security defects
• Carry out periodic internal reviews/audits to ensure that documented IT & Cybersecurity procedures are followed.
• Implement cyber security framework reporting in line with stated timelines and SLAs by the CBN
• Ensures that the organization complies with legal and regulatory requirements
• Develops Cyber and Information Security risk management strategies and controls, taking into account business needs and risk assessments, and balancing technical, physical, procedural, and personnel controls
• Evaluate the security posture of third-party vendors and work with them to meet security requirements
• Continuously updating the company’s incident response and disaster recovery plans
• Monitor and enforce compliance with Information Security policies and procedures according to PCI DSS regulatory standards
• Ensure the organization maintains the PCI DSS, ISO 22301 & ISO 27001 certification
• Actively participate in security initiatives with minimum supervision.
• Be the subject matter expert for cyber security governance.
• Work together with cross-business units to manage policies and risks in the context of the organization’s objectives and values.
• Other duties as assigned by the CISO.

Requirements
Here's what are we looking for:

• Minimum of a Bachelor’s Degree certificate
• 3 - 5 years experience as a Cyber Security Governance & Risk Analyst.
• ISO/IEC 27001 Lead Implementer Certified
• Excellent verbal and written communication, especially in producing formal documents which are comprehensive and without ambiguities
• Ability to assess the likelihood (taking account of vulnerabilities and threats) and impact of cyber-attack techniques and deliberate or unintentional damaging actions by people within the organization
• Ability to present logical, objective reasons for all decisions made
• Ability to interpret legal and regulatory requirements and integrate them with an organization’s operational requirements
• Ability to encourage and support colleagues, including those in other departments, to achieve shared objectives
• Ability to work effectively within organizational policies, procedures, and security & legal constraints
• Experience in applying risk management methodologies, such as those in ISO 27001, and sector-specific requirements, such as PCI-DSS
• Ability to assess the compliance of procedures and practice with agreed standards
• Problem-solving and analytical skills.
• Self-motivated individual who is adaptive to change.
• Finally, you live and breathe security, you have bags of energy, obsess about security & trust and you are passionate and breathe security.

Benefits

• Competitive Salary (Salary: N250,000 - N600,000 Monthly)
• Health Insurance Coverage
• Sponsored and Tailored training
• Work Flexibility and
• The opportunity to work with a highly collaborative team-building something great!

Why Korapay:

• We pay very competitively in the Nigerian market for the matched experience and role depending on your qualifications and experience.
• We have excellent benefits that include Health Insurance coverage, Free lunch.
• You'll get to work with other experienced, high-performing engineers and teammates to build impactful products.