9mobile is a Nigerian private limited liability company. EMTS acquired a Unified Access Service License from the Nigerian Communications Commission in 2007. The License enables EMTS provide Fixed Telephony (wired or wireless), Digital Mobile Services, International Gateway Services and National/Regional Long Distance Services in addition to spectrum assignments in the 900 and 1800 MHz bands.
We are recruiting to fill the position below:
Job Title: Head, IT Security Operations & Information Risk Management
Job ID: IRC4337 Location: Lagos, NG
Responsible for defining and maintaining the IT Risk Framework and its associated controls; evaluate overall information technology risk, maintain an active view on compliance, and report on the actual, mitigated and residual risk in the IT organization.
Liaise with all regulatory / relevant government agencies, internal and external audit/assurance providers and other parts of the business in matters related to enterprise risk.
Develop and maintain the IT Risk Management framework by proactively developing and implementing an annual ITRM program and conduct periodic reviews to keep it current and relevant
Provide inputs to overall IT strategy formulation, lead the strategic risk management vision for the unit and ensure strategy delivery through the application of exceptional leadership skills, network of internal and external alliances and highly developed business skills
Responsible for ensuring that overall IT risk profile is maintained within acceptable levels inline with the risk appetite defined by the Board.
Accountable for IT risk management activities/issues affecting the organization and for implementing IT Risk policies, plans and procedures, and team organization to provide reasonable assurance that:
IT Risk is well-understood & managed and that the team is well equipped to mitigate
Undesired events are detected, prevented and corrected, and
IT risks are managed appropriately
Lead the identification of key risk indicators (KRIs) across all information assets and functions in the department based on current situation and trends to provide relevant &timely information for effective mitigation
Coordinate the activities of the IT Risk Council; implement the Governance, Risk & Control(GRC) program for the department
Conduct periodic business impact and risk assessment re business continuity for critical business processes and propose recommendations for addressing gaps
Drive and deliver effective business continuity strategies to support and, in time of disaster, recover the company's critical business functions
Direct the continuous and regular validation and testing of documented business continuity plans
Aggregate information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically
Collaborate with assurance providers to provide an opinion on the control environment; Ensure all identified operational risks are resolved timely
Undertake periodic appraisals, recruit, train and develop team members in conjunction with the HR team to meet the changing needs of the company
Carry out other activities as instructed by the Chief Information Officer (CIO).
First Degree or equivalent in Computer Science / IT, or a related or relevant discipline.
Postgraduate and/or professional qualification in fields related to risk management will be an added advantage.
Nine (9) to Twelve(12) years of combined Telecom/IT/IT risk advisory experience or other high-risk aware industries (e.g. financial services) in leading and high-impact role(s) with progressive levels of responsibilities
Deep knowledge of cyber threats landscape & related defences, general information security and controls is required
Knowledge of/familiarity with deploying global/leading IT risk management standards, control and BCM processes will be advantageous
Sound knowledge of internal business processes, program management and the mobile telecommunications industry
Demonstrate abroad-based operational perspective and provides solutions for all forms of business risk
Recognized risk/control authority who can articulate risk/reward trade-offs clearly and is dynamic, proactive and decisive.
Ability to adapt well, influence and initiate change in the organization.
Highly developed business communications skill (verbal and written), team player, change agent, strategic and creative, and able to drive performance, risk consciousness and compliance from all areas within the company
Ability to cope and deliver at satisfactorily high levels when under intense pressure
Exceptional analytical, quick-learning and critical thinking skills;