Chief Information Security Officer Job in Nigeria

 ECOWAS Bank for Investment and Development (EBID) is an international financial institution established by the 15 Member States of the Economic Community of West African States (ECOWAS). EBID includes: Benin, Burkina Faso, Cape Verde, Cote d'Ivoire, Gambia, Ghana, Guinea, Guinea Bissau, Liberia, Mali, Niger, Nigeria, Senegal, Sierra Leone and Togo. The main objective of EBID is to contribute to the economic development of West Africa through the financing of ECOWAS and NEPAD projects and programs. The headquarters of the bank is in Lome in the Togolese Republic.

We are recruiting to fill the position below:

Job Title: Chief Information Security Officer (CISO)

Location: Lome, Togo Republic



Grade: P3-1

Job summary

  • The successful candidate shall work under the supervision of the Head of the Risk Management Department of the Bank and shall be responsible for establishing and maintaining the enterprise vision, strategy, and programs to ensure information assets and technologies are adequately protected. As the Chief Information Security Officer (CISO), he/she will offer direction on compliance obligations, assist the bank in devising robust risk management approaches, and spearheading initiatives to protect the Bank's data, intellectual property, and technological framework from both internal and external risks. This position plays a pivotal role in ensuring adherence to regulatory standards and industry benchmarks, while also nurturing a security-conscious culture across the Bank.

Duties
Strategic Planning and Vision:

  • Develop and implement the Bank's information security strategy and roadmap by building security architecture and policies based on business needs, risk assessments, and regulatory requirements.
  • Define security policies, standards, and procedures aligned with business objectives and industry best practices.
  • Assess emerging threats and trends and adjust security strategies accordingly.

Risk Management:

  • Identify, evaluate, and prioritize security risks across the organization.
  • Develop and maintain a risk management framework to mitigate risks effectively.
  • Manage the risk management programme through planning, developing, coordinating, and implementing information technology disaster recovery and business continuity planning.

Security Operations:

  • Oversee the design, implementation, and maintenance of security controls, technologies, and processes.
  • Coordinate incident response activities and lead efforts to mitigate security incidents.
  • Conduct regular security assessments and audits to ensure compliance and effectiveness.

Compliance and Gouvernance:

  • Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, ISO 27001).
  • Establish and maintain governance structures to support effective information security management.
  • Liaise with internal and external auditors and regulators in reviewing special investigations results, internal audits, research studies, forecasts, and modelling exercises to provide direction and guidance.

Security Awareness and Training:

  • Develop and deliver security awareness programs to educate employees about their roles and responsibilities in maintaining security.
  • Provide training to IT staff and other relevant stakeholders on security best practices.
  • Execute all other tasks assigned by the Head of Department and Management.

Requirements

  • A Master’s Degree from a recognized university, in computer science, Information Technology, or a related field;
  • Proven experience (minimum of 7 years) in cybersecurity leadership roles, with a track record of successfully implementing and managing cybersecurity programs.
  • Strong understanding of cybersecurity principles, frameworks, and technologies, including but not limited to NIST, ISO, CIS Controls, SIEM, IDS/IPS, DLP, encryption, and cloud security. Excellent leadership, communication, and interpersonal skills, with the ability to collaborate effectively across departments and influence stakeholders at all levels of the organization.
  • Industry certifications such as CISSP, CISM, CISA, or equivalent are highly desirable.
  • Experience in regulated industries (e.g., healthcare, finance, government) and familiarity with applicable regulations (e.g., HIPAA, GDPR, SOX) is a plus.
  • Strong analytical and problem-solving skills, with the ability to make risk-based decisions in a fast-paced environment.
  • Proven ability to lead and develop a diverse team of cybersecurity professionals.

Others:

  • Be a national of one of the ECOWAS Member States;
  • Must not be above 45 years at the time of recruitment;
  • Have sound knowledge of computer tools (Word, Excel, Access and Power Point);

Application Closing Date
30th August, 2023.

How to Apply
Interested and qualified candidates should submit their Applications to: recrutbidc@bidc-ebid.org using "2024 Recruitment Programme" as the subject of the email.

Applications must include the following:

  • A detailed Curriculum Vitae,
  • A Cover Letter,
  • Copies of Academic and Professional Certificates,
  • A copy of National Identity Card or Passport,
  • A copy of Birth Certificate.

Note

  • Only shortlisted candidates will be invited for interview.
  • EBID reserves the right to withdraw the notified vacancy or offer position at a lower grade.
  • Female applications for EBID jobs are strongly encouraged.