On behalf of our client in the healthcare services sector, Deloitte is recruiting a skilled and experienced Information Security Officer, to join the organization in Abuja, Nigeria. This role will be responsible for developing, implementing, and maintaining the client's information security program, as well as protecting its data and systems from cyber threats.

• Develop, implement, and maintain information security policies, procedures, and standards aligned with industry best practices and regulatory requirements
• Conduct regular risk assessments and vulnerability scans to identify potential security threats and vulnerabilities
• Design and implement security controls to mitigate identified risks and protect organizational assets
• Monitor and analyze security events and incidents, leading incident response efforts when necessary
• Manage the organization's security awareness program, providing training and guidance to employees on security best practices
• Collaborate with IT teams to ensure the secure configuration and maintenance of network infrastructure, systems, and applications
• Stay up-to-date with emerging cybersecurity threats and trends, recommending and implementing appropriate countermeasures
• Ensure compliance with relevant data protection laws and regulations, including Nigerian data protection requirements
• Perform regular security audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement
• Manage relationships with external security vendors and service providers
• Report on security status, incidents, and metrics to senior management and relevant stakeholders

• Bachelor's degree in Computer Science, Information Technology, or a related field
• 5+ years of experience in information security or a related field
• In-depth knowledge of information security frameworks such as ISO 27001 and NIST
• Strong understanding of risk assessment and management methodologies
• Proficiency in various cybersecurity tools and technologies
• Experience in implementing and managing comprehensive security programs
• Excellent knowledge of network security, data protection, and privacy regulations
• Familiarity with Nigerian data protection laws and regulations
• Strong analytical and problem-solving skills with attention to detail
• Excellent communication and interpersonal skills
• Ability to work efficiently in a fast-paced, dynamic environment
• Relevant certifications such as CISSP, CISM, or CompTIA Security+ are preferred
• Experience in incident response and management
• Proven track record in developing and implementing security policies and procedures
• Strong understanding of emerging cybersecurity threats and trends
• Knowledge of compliance and regulatory requirements in the Nigerian context