Information security and it control officer

ARM Life Plc

Job Summary

To protect the confidentiality and integrity of clients, employees, and business information in compliance with organization policies/standards and business objectives of ARM pension.

  • Minimum Qualification: Degree
  • Experience Level: Mid level
  • Experience Length: 5 years

Job Description

ARM is a leading group of companies situated in Nigeria with branches scattered across the country. ARM Life is the insurance subsidiary of Asset & Resource Management Company Ltd (ARM). Its parent company, ARM is one of the largest non bank financial services firms in Nigeria with a focus on asset management of quoted equities and fixed income securities.

Principal Duties and Responsibilities

  • Maintain a risk management framework.
  • Perform risk assessments on resources and projects to be protected
  • Perform vulnerability assessments to evaluate the effectiveness of existing controls
  • Ensure a framework for information security governance and IT control
  • Update and advise top management on security direction and issues
  • Provide technical security expertise to IT to ensure that the requisite level of security is implemented in all information assets
  • Maintain and review information security policies that support business goals and objectives, and are consistent with applicable laws and regulations
  • Maintain standards, procedures and guidelines that support information security policies, and ensure business processes and IT infrastructure activities address information security risks
  • Maintain documentation of all information systems security and change management processes
  • Maintain and review information security policies that support business goals and objectives, and are consistent with applicable laws and regulations
  • Perform system audit checks including pre-implementation and post-implementation of projects
  • Monitor and review operations logs and event console activity to identify potential security related events, and investigate all anomalies
  • Lead and facilitate internal training and awareness of IT security policies, controls and best practices, as well as the impact of non-adherence in order to contribute to the implementation of IT governance
  • Lead activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties
  • Review response and recovery plans that include organizing, training and equipping the teams
  • Periodically test the response and recovery plans, where appropriate
  • Ensure the execution of response and recovery plans, as required
  • Manage post-event reviews to identify causes and corrective actions.

Requirements

  • Education Qualification: Minimum - B.Sc, M.Sc
  • Preferred Years of Experience: 5 year(s)

Share Job Post

LOGIN TO APPLY NOW