Information Security Manager at Dangote

Description

The Information Security Manager oversees Dangote security strategy, including policy development, incident response, and compliance. This role leads a team, manages security technologies, conducts risk assessments, and collaborates with various departments to maintain robust security measures. The ideal candidate will have extensive experience in information security management, a proven track record in risk management and compliance, and strong leadership and communication skills.

Key Responsibilities

• Security Architecture design – Design, Develop and maintain the organization's security architecture, including network, system, and application security.
• Design and implement security solutions that are scalable, reliable, and easy to use.
• Security Policy documentation and review - Develop and implement a comprehensive information security program that includes policies, procedures, and protocols to ensure the confidentiality, integrity, and availability of the organization's information systems and data.
• Security Auditing and Reporting - Conduct regular security audits to identify vulnerabilities and threats to the organization's information and technology assets.
• Conduct risk assessments to identify potential security vulnerabilities and develop mitigation strategies.
• Development of an OT / IoT Security plan and roadmap - Design and implement security solutions for OT and IoT systems that are scalable, reliable, and easy to use.
• Perform vulnerability assessments and penetration testing to identify potential security weaknesses in our OT and IoT systems.
• Developing and Implementing security framework, policies, processes/procedures and guidelines -Collaborate with other IT teams to ensure that security controls and measures are integrated into our systems and applications.
• Evaluate and recommend security technologies, such as firewalls, intrusion detection systems, and security information and event management (SIEM) systems.
• Security team Management - Manage a team of information security professionals to identify and mitigate security risks, monitor security incidents, and provide effective security solutions to the organization.
• Stay up-to-date with emerging security threats and trends and recommend appropriate measures to mitigate risks.

Requirements

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or any related field. Master’s degree preferred.
• Relevant certifications such as CISA, GIAC, NIST, or equivalent.
• Minimum of 7-10 years of experience in information security or a related field.
• At least 3 years of experience in a managerial or leadership role, overseeing security teams and initiatives.
• Proven track record in developing and implementing security policies, procedures and strategies.
• Security Tools and Technologies:
• Proficiency with firewalls, Identity management with Microsoft entra, SIEM, encryption, antivirus, etc.
• Security Frameworks and Standards: In-depth knowledge of ISO 27001, NIST, NICE Framework.
• Incident Response and Management: Expertise in developing and executing incident response plans and handling breaches.
• Risk Management and Compliance: Strong understanding of risk assessment, mitigation, and regulatory compliance.
• Network and Application Security: Familiarity with best practices in network security, application security, and cloud security.
• Proven expertise in developing and executing strategic incident response plans that significantly reduce the organization's response time to security breaches.
• Demonstrated ability to lead thorough investigations, implement corrective actions swiftly, and conduct post-incident analysis to prevent recurrence.
• Successful track record in minimizing the impact of security incidents, ensuring business continuity, and improving the overall security posture of the organization.
• Proven ability to lead, manage and mentor a team of security professionals, fostering a collaborative and high-performance work environment.
• Demonstrates strong decision-making capabilities, strategic vision, and the ability to navigate complex security challenges, ensuring the team's alignment with the organization’s security objectives and overall mission.
• Excellent verbal and written skills to convey complex security concepts clearly.
• Proficiency in managing multiple projects, prioritizing tasks, and meeting deadlines.
• Strong interpersonal skills for stakeholder management and promoting a security culture.

Key Performance Indicators (KPIs):

• Incident Response Time: Speed of detecting and resolving security incidents.
• Security Training: Effectiveness of security awareness programs.
• Skills and Competencies
•  Minimum of 7-10 years of experience in information security or a related field.
• At least 3 years of experience in a managerial or leadership role, overseeing security teams and initiatives.
• Proven track record in developing and implementing security policies, procedures and strategies. Job Responsibilities
• Security Architecture design – Design, Develop and maintain the organization's security architecture, including network, system, and application security.
• Design and implement security solutions that are scalable, reliable, and easy to use.
• Compliance Rate: Adherence to security policies and regulations.
• Vulnerability Remediation: Efficiency in identifying and fixing vulnerabilities.
• Audit Outcomes: Results and improvements from security audits.
• Risk Assessments: Regularity and thoroughness of risk assessments.
• Patch Management: Timeliness of system and application patching.
• Employee Training: Number of employees trained in security practices.
• Reporting: Accuracy and timeliness of security metrics and reports.