Job Description
Description
• Define, direct and support security efforts through development and ensuring enforcement of
Information/Cybersecurity policies, framework, procedures, baselines and other forms of guidance that
should be followed by staff, vendors and other external parties.
• Manage information/Cybersecurity risk management programs for the Bank
• Lead and mentor the Information/Cybersecurity risk team and other functional partners to conduct and
meet cybersecurity risk management objectives for the Bank
• Manage Information security standards implementation, maintenance and co-ordination (ISO 27001, PCI
DSS, etc.) readiness and certification to optimize FirstBank overall information security posture.
• Manage independent and external Vulnerability Assessment & Penetration test (VAPT) and track remedial
action.
• Evaluate all identifiable Information/Cybersecurity vulnerabilities, threats, likelihood of successful exploit,
potential impact, weak controls and associated risk using appropriate tools and methodologies.
• Proactively and independently provide Information and cybersecurity risk report to Senior Management
• Provide technical expertise for security risk assessment, recommendation and regularly engage
stakeholders for timely remediation of identified security gaps and process improvement.
• Provide oversight functions of information security disciplines, compliance, technologies, and guidelines
• Manage on-going external security audit process from Certifying Body such as British Standard Institute
(BSI), Payment Card Industry Security Standard council (PCI SSC)/Qualified Security Assessor(QSA), CBN
and other regulatory bodies, liaising with relevant stakeholders on established audit requirements and
any identified corrective action.
JOB REQUIREMENTS
• Minimum Education: First Degree in computer science/Engineering
• Professional Certifications: Certified Information Security Manager (CISM), ISO27001 Lead Implementer, ISO27032 Cyber Security Lead manager or any Cybersecurity Professional Certifications
• Minimum of 12 years’ experience in facilitating and conducting security assessments related to PCIDSS, ISO 27001, and Cybersecurity Framework.
• Define, direct and support security efforts through development and ensuring enforcement of
Information/Cybersecurity policies, framework, procedures, baselines and other forms of guidance that
should be followed by staff, vendors and other external parties.
• Manage information/Cybersecurity risk management programs for the Bank
• Lead and mentor the Information/Cybersecurity risk team and other functional partners to conduct and
meet cybersecurity risk management objectives for the Bank
• Manage Information security standards implementation, maintenance and co-ordination (ISO 27001, PCI
DSS, etc.) readiness and certification to optimize FirstBank overall information security posture.
• Manage independent and external Vulnerability Assessment & Penetration test (VAPT) and track remedial
action.
• Evaluate all identifiable Information/Cybersecurity vulnerabilities, threats, likelihood of successful exploit,
potential impact, weak controls and associated risk using appropriate tools and methodologies.
• Proactively and independently provide Information and cybersecurity risk report to Senior Management
• Provide technical expertise for security risk assessment, recommendation and regularly engage
stakeholders for timely remediation of identified security gaps and process improvement.
• Provide oversight functions of information security disciplines, compliance, technologies, and guidelines
• Manage on-going external security audit process from Certifying Body such as British Standard Institute
(BSI), Payment Card Industry Security Standard council (PCI SSC)/Qualified Security Assessor(QSA), CBN
and other regulatory bodies, liaising with relevant stakeholders on established audit requirements and
any identified corrective action.
JOB REQUIREMENTS
• Minimum Education: First Degree in computer science/Engineering
• Professional Certifications: Certified Information Security Manager (CISM), ISO27001 Lead Implementer, ISO27032 Cyber Security Lead manager or any Cybersecurity Professional Certifications
• Minimum of 12 years’ experience in facilitating and conducting security assessments related to PCIDSS, ISO 27001, and Cybersecurity Framework.
Sponsored
