Information Risk and Compliance Analyst

  • Full-time

Company Description

Venture Garden Nigeria (VGN) is a fast growing Software company with a vision to build an enduring organization with an ecosystem of value creators- while delivering high impact technology solutions for emerging markets through a culture of entrepreneurship and innovation. At VGN we wage war against the average, go beyond the ordinary to explore limitless opportunities; breaking the norms and aggressively pursuing success through- Relentless Hard-work, Pursuit of excellence, calculated risk taking and a hunger for knowledge and we have a lot of fun at it!

Job Description

As Risk and Compliance Analyst, you will assist in the maintenance and enforcement of the VGG’s security program. You will be charged with identifying weaknesses in or deviations from policy and working across departmental lines to ensure the safety of the company’s information resources

Principal responsibilities and accountabilities

  • Maintenance of Risk Management Policy
  • Facilitation of regular risk assessment exercises,
  • Integration of Risk Management Policy into key processes
  • Enforcement and monitoring of controls arising from risk assessment exercise/information security policy and procedures
  • Maintenance of dashboard of control implementation and compliance status
  • Work with teams tasked with control implementation to determine the status and identify impediments
  • Change management
    • Implementation of a unified change management procedure
    • Maintenance of central repository for change documentation
  • Information Security Awareness
    • Implement information security awareness program
      • Identification of key topics based on best practice
      • The inclusion of topics based on feedback from incidents/awareness measurements
      • Facilitate information security awareness sessions
    • Develop an Information security awareness plan for the year
    • Develop and implement ad-hoc security awareness methods
  • Stays current and reports on emerging security threats based on the company’s risk profile
  • Stays current and reports on emerging technologies and their impact on the company’s security
  • Compliance management to relevant security standards, legal and contractual requirements
    • ISO 27001
    • PCI-DSS
    • SWIFT Security Requirements
    • CBN Requirements
    • Other identified compliance requirements

Qualifications

•    Bachelor's degree in computer science, cybersecurity or related field
•    At least 2 years’ experience in information security risk and/or compliance role and operational risk management
•    Experience in implementing and maintaining security standards, including ISO 27001, PCI-DSS, NIST etc
•    Experiencing in maintaining policy documents and enforcement of information security policies
•    Relevant certifications, i.e. CISM, CISSP, CGEIT, CRISC, CEH, CHFI
 

Skills & Abilities   
•    Decision Making
•    Flexibility
•    Interpersonal Skills
•    Personal Leadership
•    Excellent Communicator
•    Personal Organization
•    Problem Solving
•    Team Building

Additional Information

Working conditions
Flexibility is important. 
Equal opportunity
The role is open to anyone who meets the above criteria regardless of race or nationality
Remuneration:
Competitive based on experience