PricewaterhouseCooper (PwC) Nigeria has been operating in Nigeria since 1953 through its predecessor firms of Coopers & Lybrand and Price Waterhouse. We’re one of the leading professional services firms in the country with offices in Lagos, Abuja and Port Harcourt, over 1000 staff and 31 resident partners.
We are recruiting to fill the position below:
Job Title: Information Protection Analyst
Job ID: 228982WD
Job type: Full time
Line of Service: Internal Firm Services
Specialism: IFS – Information Technology (IT)
Management Level: Associate
Job Description & Summary
- A career in Information Technology, within Internal Firm Services, will provide you with the opportunity to support our core business functions by deploying applications that enable our people to work more efficiently and deliver the highest levels of service to our clients.
Data protection & Privacy Support:
- Identify, document and evaluate the company’s data processing activities to create/maintain personal data inventory.
- Provide Support during NDPR compliance audit
- Work with key internal stakeholders in the review of projects and related data to ensure compliance with local data protection regulations, conduct data privacy risk assessment (DPRA) and where necessary, complete and advise on data privacy impact assessment (DPIA).
- Develop and deliver data protection & privacy training to various business functions to raise employee awareness of data privacy and security issues,
- Attend and provide regular/ ongoing data protection, information security and privacy training
- Work with the firm’s Data Protection Office to deliver on data protection expectations’ Responding to client’s data protection request, monitoring for new data protection regulation / guidelines from regulatory bodies locally and globally
- Participate and support with information protection Team meetings
- Assist with Data subject Requests resolution
Process and Policy Documentation:
This is an annual process but during the year some changes may take place more than once. Tasks include:
- Follow up with teammates as regards updates/review of process and local policy documentations.
- Ensure the updates or modifications made to the various process documentation are reviewed with the Unit Leads and by the IT Country Head
- Ensure that all IT policies and procedures are compliant with regulatory requirements
- Follow up with the Country Operations Partner for approval of the revised process/policy documents
- Ensure the dates for the various updates/reviews are accurately implemented on the various documentation
- Upload these documents to the specified repository and ensure they are available when needed and accessible when required
- Assist the IT country Head in delivering weekly operational / activity reports to Leadership
Business Continuity and incident Management:
- Create a schedule for the disaster recovery exercises for the servers and links. This exercise could be quarterly or monthly depending on the application or links as stated in the SLA.
- Collaborate with Risk and Quality team on Business Continuity activity, including submitting a copy of the report to R&Q, upload a copy on the appropriate repository and file the hard copy
- Ensure these reports and available when required and accessible by relevant stakeholders
- Maintain a current hard copy of these policy documents are kept in a fireproof cabinet
- Ensure all related incidents, breaches and violations are properly documented, remediated, closed and reviewed for future learning.
- Ensure the various exercises are carried out as at when due. And also ensure proper follow up with team members
- Anchor and Document the Disaster Recovery (DR) exercises/tests when they take place
- Generate a report from the DR exercise/test, review with the country manager and ensure all participants at the DR exercise/test signs off.
- Ensure the incident reports and available when required and accessible by relevant stakeholders
- Participate in post incident review to identify lessons learnt
- Attend and support the incident management Team
- Participate in all technology related internal / external audits e.g. FY ISP audit, ISO recertification audits, etc.
- First Degree (Minimum of Second-Class Upper Division) in Computer Science and Computer related disciplines
- Training in Data or information protection / security field
- Certification in any data or information protection / security field
- Minimum of 1-year IT experience.
- Must have an in-depth knowledge of established computer-industry security procedures for multiple computer platforms
- In-depth experience with windows operating systems
- Knowledge of the enterprise application systems, disaster recovery processes, Business Impact Analysis, business continuity planning, etc
- IT Audit experience (if possible)
- Document/process management experience
- Good written and oral communication ability
- Action planning, Motivating, Analytical mind and strong problem-solving capabilities
- Ability to work independently in a highly dynamic environment and work under intense pressure.
- Strong interpersonal and communication skills
- Ability to solve problems quickly and completely
- Ability to train PwC users on use of computer software and hardware in both office and classroom situations
- Good analytical skills
- Ability to work alone with less supervision and as a team member
Deadline: 27th July, 2021.