Information Security Specialist at Institute of Human Virology, Nigeria

Overview

• The Information Security Specialist delivers Develop plans to safeguard computer files against unauthorized modification, destruction or disclosure.
• Maintain enterprise safe cyberspace, Choose, implement, monitor and upgrade computer anti-virus and malware protection systems.
• Encrypt data transmissions and erect firewalls to conceal confidential information during transmission.

Job Description & Scope of Work

• Support the development and maintenance of information security roadmap covering all cyber security domains including defense-in-depth, network security, identity and access management, cloud security, data security, application security, cyber security analytics, endpoint security, and compliance.
• Actively monitor, review, and respond to alerts from various information security platforms and tools.
• Monitor & track regulatory and industry developments around cyber security and privacy.
• Respond to information security incidents through participation on the internal Cyber Incident Response Team (CIRT).
• Perform risk assessments and work with stakeholders to implement measures to mitigate risk.
• Monitor systems for vulnerabilities and provide prioritization and guidance for remediation.
• Implement and maintain information security platforms and tools within the organizational infrastructure.
• Work with existing infrastructure and application teams to operationalize, enforce, and track compliance with information security policies.
• Develop and lead the information security awareness program.
• Perform control gap analysis against existing control framework and recommend / track remediation activities.
• Maintain the information security risk register and exception management process.
• Contribute to the development and delivery of Key Risk Indicators (KRIs).
• Support the vendor risk assessment process to highlight risks and compensating controls for both new and existing vendors.
• Drive and support information security culture, values, and best practices throughout the organization.
• Keep up to date with trends and developments in information security and risk management.

Qualifications

• Master’s Degree in Computer Science, Information Technology or a closely related field, or equivalent experience required.
• 7+ years of broad IT experience with a minimum of 5 years focused on information security.
• Experience working in multiple security domains (Security and Risk Management, Security Operations, Communications and Network Security, Identity and Access Management, Vulnerability Management, etc.).
• Ability to manage and execute multiple work streams and initiatives in parallel.
• Technical or architectural experience with cloud solutions is considered an asset.
• Experience with cyber security risk management including conducting risk assessments, developing risk mitigation recommendations, and reporting.
• Knowledge of Security Governance, Risk and Compliance, and security audit practices.
• Understanding of Information Security standards and IT frameworks (ISO27000, NIST, CoBIT, ITIL, etc.).
• Industry related certifications (including Security+, CISM, CCSP, CISSP, GIAC, CRISC, CEH, OSCP) are considered an asset.