First Bank of Nigeria Limited (FirstBank) is Nigeria’s largest financial services institution by total assets and gross earnings. With more than 10 million customer accounts, FirstBank has over 750 branches providing a comprehensive range of retail and corporate financial services. The Bank has international presence through its subsidiaries, FBN Bank (UK) Limited in London and Paris, FBNBank DRC, FBNBank Ghana, FBNBank Gambia, FBNBank Guinea, FBNBank Sierra-Leone and FBNBank Senegal, as well as its Representative Offices in Johannesburg, Beijing and Abu Dhabi.

We are recruiting to fill the position below:

Job Title: Information & Cybersecurity (ICS) Policy & Awareness Officer

Job Identification No: 161
Location: Lagos
Employment Type: Full-time

Job Objective(s)

• Manage and evaluate the Bank’s security policies and regulatory standards to minimize the risk of compromise of sensitive business systems.

Duties & Responsibilities

•  Develops policy, framework, security baselines and procedures for the information/Cybersecurity governance, including control document reviews, stakeholder review/sign-off and post-approval communication.
• Serves in an advisory role in application development and infrastructure projects to assess security requirements and controls and ensures that security controls are implemented as planned
• Monitors compliance with security policies, standards, guidelines, procedures, respond to policy violations and escalate exceptions.
• Assesses threats and vulnerabilities regarding information assets and recommends the appropriate information security controls and measures.
• Provide support for Independent Vulnerability Assessment & Penetration Test (VAPT) projects.
• Assesses threats and vulnerabilities in the Banks products and technology acquisition. Engage IT Project managers on IT project risk and provide guidance
• Continuously communicate and ensure staff and third-parties are aware of information and cyber security as it relates to their roles and/or services
• Empower staff bank-wide through periodically Information and cyber security risk awareness and training including role based and privileged user training using different sources: Newsletters, E-Learning (Computer Base Training), Facilitator Led training, E-flyers, etc.
• Develop an awareness program for the enterprise and conduct training to ensure that stakeholders understand Information risk management to promote a risk-aware culture.

Requirements
Education

• Minimum Education: First Degree in Computer Science / Engineering
• Professional Certifications: CISM, ISO27001 Lead Implementer, or any Cybersecurity Professional Certifications.

Experience:

• Minimum experience: 5 years experience in facilitating and conducting security awareness and policy development, security architecture and security standards/requirements (PCI-DSS, ISO27001, Cybersecurity).

Application Closing Date
7th September, 2022.