IHS Towers is the largest independent mobile telecommunications infrastructure provider in Europe, Africa and the Middle East. Founded in 2001, IHS provides services across the full tower value chain – colocation on owned towers, deployment and managed services.
Today IHS Towers has operations in Nigeria, Cameroon, Côte d’Ivoire, Zambia and Rwanda. Following the recent acquisitions of MTN and Etisalat’s tower portfolios in Nigeria, IHS owns over 23,300 towers in Africa.
We are recruiting to fill the position below:
Job Title: Specialist, IT Risk Management
Location: Lagos, Nigeria
Job Type: Full-time · Associate
About the Job
- We are currently recruiting for a Specialist, IT Risk Management who will assist in promoting adherence to information risk standards and procedures which protect the company’s systems from internal and external threats.
Key Roles & Responsibilities
- Provide inputs to design of the Information Risk Management (IRM) framework. Take responsibility for maintaining the framework, including refreshing and implementing an annual program.
- Build awareness of new and evolving risks across in-scope functions and IT.
- Lead the identification of key risk indicators (KRIs) for in-scope functions based on up-to-date situational analyses and trends. Provide relevant and timely information on KRIs for effective risk oversight.
- Implement appropriate systems and processes that ensure information risks are proactively managed and undesired events (when they occur) are detected and remedied early.
- Participate in the development of risk plans and procedures, as well as organizational structures, that provide an acceptable level of assurance in IT.
- Follow up on open audit and risk items to ensure closure.
- Manage the business continuity plan (BCP) for IT. Ensure continuous and regular validation and testing of documented/ approved BCP.
- Conduct continuous risk assessments for new and existing solutions.
- Aggregate information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically.
- Develop action points to ensure that KRIs which exceed thresholds are reduced to an acceptable level.
- Perform annual IT risk and audit reviews in line with the approved annual plan.
- Provide second-line security and audit assurance for continuous improvement.
- Collaborate continuously with internal audit and other key internal stakeholders as part of the overall enterprise risk management framework.
- Contribute towards establishing credible risk governance, an integrated risk management mindset, and an execution approach which appropriately prioritizes action based on business impact.
- Perform gap assessments using the COBIT process assessment model and follow up to ensure timely remediation of gaps and implementation of new IT processes.
- Review policies and develop processes and procedures that provide an acceptable level of assurance.
- Perform other tasks and duties as assigned by the Manager, IT Risk & Control.
Experience & Qualifications Required
- Bachelor’s Degree in Computer Science, Computer Engineering, Information Technology, or related disciplines.
- Demonstrable application of knowledge of defence in-depth, least privileges, need-to-know, separation of duties, access controls and encryption.
- Proven knowledge of risk management, information security, mobile core technologies and controls.
- 5-6 years’ relevant work experience in Information Security, Risk Advisory, and IT Compliance.
- Professional certifications such as CISA, CRISC, ISO27001, ISO27005: Lead Risk Manager will be an asset.
- Customer Focus
- Be Bold
- Risk Management
- IT Audit
- Vulnerability Management
- Business Continuity
- Problem Solving
How to Apply
Interested and qualified candidates should:
Click here to apply
Note: Please apply with an updated Resume / CV.
Application Deadline 6th August, 2021.