The Institute of Human Virology (IHVN) is a leading and reputable non-governmental organization addressing infectious and non-infectious diseases such as HIV, tuberculosis and cancer through the provision of prevention, diagnosis, treatment, capacity building, research, and care and support services. IHVN is in partnership with local and international organizations and the different tiers of the government of Nigeria at national, state and local levels. The Institute’s vision is to be a leader in providing quality health services, capacity building and research in West Africa and beyond.
The Information Security Specialist delivers Develop plans to safeguard computer files against unauthorized modification, destruction or disclosure. Maintain enterprise safe cyberspace, Choose, implement, monitor and upgrade computer anti-virus and malware protection systems. Encrypt data transmissions and erect firewalls to conceal confidential information during transmission.
Information Security Specialist
Opening Date: 3rd February 2022
Closing Date: 17th February 2022
Job description & SOW
- Support the development and maintenance of information security roadmap covering all cyber security domains including defense-in-depth, network security, identity and access management, cloud security, data security, application security, cyber security analytics, endpoint security, and compliance.
- Actively monitor, review, and respond to alerts from various information security platforms and tools.
- Monitor & track regulatory and industry developments around cyber security and privacy.
- Respond to information security incidents through participation on the internal Cyber Incident Response Team (CIRT).
- Perform risk assessments and work with stakeholders to implement measures to mitigate risk.
- Monitor systems for vulnerabilities and provide prioritization and guidance for remediation.
- Implement and maintain information security platforms and tools within the organizational infrastructure.
- Work with existing infrastructure and application teams to operationalize, enforce, and track compliance with information security policies.
- Develop and lead the information security awareness program.
- Perform control gap analysis against existing control framework and recommend / track remediation activities.
- Maintain the information security risk register and exception management process.
- Contribute to the development and delivery of Key Risk Indicators (KRIs).
- Support the vendor risk assessment process to highlight risks and compensating controls for both new and existing vendors.
- Drive and support information security culture, values, and best practices throughout the organization.
- Keep up to date with trends and developments in information security and risk management.
- Master’s degree in Computer Science, Information Technology or a closely related field, or equivalent experience required.
- 7+ years of broad IT experience with a minimum of 5 years focused on information security.
- Experience working in multiple security domains (Security and Risk Management, Security Operations, Communications and Network Security, Identity and Access Management, Vulnerability Management, etc.).
- Ability to manage and execute multiple work streams and initiatives in parallel.
- Technical or architectural experience with cloud solutions is considered an asset.
- Experience with cyber security risk management including conducting risk assessments, developing risk mitigation recommendations, and reporting.
- Knowledge of Security Governance, Risk and Compliance, and security audit practices.
- Understanding of Information Security standards and IT frameworks (ISO27000, NIST, CoBIT, ITIL, etc.).
- Industry related certifications (including Security+, CISM, CCSP, CISSP, GIAC, CRISC, CEH, OSCP) are considered an asset.
Method of Application
Interested and qualified candidates should send a detailed resume and a one-page cover letter as one MS Word document explaining suitability for the position to Deputy Director, Human Resources through this email address: [email protected]
Application must explicitly state the position applied for in the subject of the email. Candidates are advised to provide three professional referees with email addresses and phone numbers. Only shortlisted candidates will be contacted.