Security Compliance Manager at an Indigenous Financial Institution – PricewaterhouseCoopers (PwC) Nigeria
PricewaterhouseCoopers (PwC) Nigeria – Our client is the largest indigenous financial institution in Ghana and is focused on breaking new frontiers and setting higher standards to enable technological innovations to drive improved services.
They are recruiting to fill the position below:
Job Title: Security Compliance Manager
Reference Number: 130-PEO01135
Department: People & Change Nigeria
Job type: Permanent
Roles & Responsibilities
- Actively support the development, implementation and review of information security policies, procedures and standards across the organisation
- Monitor the organisation’s compliance with security policies, standards, guidelines and procedures in line with international standards such as ISO 27001, PCI-DSS and SWIFT CSP, as well as the Organisation of Ghana cyber security directives
- Develop and maintain a framework to track the organisation’s compliance with controls in line with BOG Cyber Security Directive and SWIFT CSP
- Develop and maintain a framework to track the organisation’s compliance with controls in line with ISO 27001 and PCI-DSS standards
- Responsible for leading all internal and external cyber security audits on behalf of the organisation
- Evaluate and propose updates to new and existing policies, standards and procedures to ensure continuous compliance with ISO 27001, PCI-DSS and other international standards
- Track the effectiveness of the organisation’s enterprise information security awareness program
- Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements
- Provide information security expertise with regard to the organisation’s disaster recovery and business continuity programs
- Liaise with other stakeholders to ensure the periodic testing of disaster recovery and business continuity plans
- Stay abreast of regulatory changes and assess their impact on the organisation’s cyber and information security program.
- A minimum of a degree in Computer Science / Engineering, Information Technology, Electrical Engineering or a related field from a recognised university
- Professional Certifications in CISSP, CISM, ISO 27001:2013 LI/LA and PCI-DSS (QSA) will be an added advantage
- A second degree is an added advantage
- Minimum of Eight (8) years of relevant IT work experience, which may include Information Security, IT Infrastructure Management, IT Vendor Assessment, Development, Production Assurance and/or IT Governance, Risk and Compliance areas, with 2+ years in a supervisory/managerial role.