Asset & Resource Management Holding Company - Established in 1994 as an asset management firm, ARM offers wealth creation opportunities through a unique blend of traditional asset management and alternative investment services. We enable businesses to thrive, and help our clients to maximize their returns and realise their most important goals.
We are recruiting to fill the position below:
Job Title: Team Lead, Information Security and IT Risk Management
Location: Ikoyi, Lagos
- Responsible for managing the IT Risk function through the identification of potential vulnerabilities and gaps in security controls, and recommendation / implementation of appropriate information security requirements, policies, practices, and standards across the organization to ensure confidentiality, integrity and availability of organizational data.
Duties and Responsibilities
- Stakeholder Management: Proactively seek to build mutually beneficial, and trusting relationships with internal stakeholders - especially client functions, and understand their risk landscape, with the aim of delivering operational impact.
- IT Risk Management Framework: Maintains and enforces the system risk management and information security risk management framework/methodology.
- Develop IT Risk Metrics: Design relevant risk metrics to enable senior management to make risk based decisions and assist with the development and management of policies, standards, guidelines and training.
- Coordinate IT Risk Assessments: Manage or coordinate activities supporting enterprise-wide IT technology audits and risk assessments. This includes periodic control testing efforts, as well as working with internal and external auditors.
- Manage User Access Rights: Conducts user access audits to ensure compliance with role based access and segregation of duties.
- IT Risk Policies: Monitors compliance with information security policies. Effectively communicates and reports violations, conflicts and concerns to senior management. The Position Holder is also responsible for the development of organization-wide information security compliance policies in line with regulatory requirements.
- Vendor Management: Develop information security risk assessment review as part of the contract renewal process for vendors, and coordinates the risk assessment & information security review for all new vendors.
- Cyber Security: Performs procedures to ensure the security of information systems assets and to protect them against intentional or inadvertent access or destruction. Responsible for developing an Incident Response Management Plan and training Incident Response Team. The Position Holder is also responsible for managing action plans in response to information security risk assessment, tracks status and reports to Senior IT Management.
- Support Team’s Development: Provide advice, guidance and assistance to less experienced colleagues as required.