AB Microfinance Bank Nigeria Limited is a member of an international network of Microfinance Bank under AccessHolding (www.accessholding.com), with its head office in Berlin Germany. We provide world class financial services to small, micro, and medium enterprises and private business individuals in Nigeria; As a leading financial institution dedicated to providing inclusive financial services and fostering economic empowerment within Nigeria, we remain committed to excellence, innovation, and financial sustainability.

The Bank is seeking to fill up this vacancy, kindly go through the advert carefully and only qualified candidates should please apply accordingly

Job Summary:

The Information Security Officer (ISO) is responsible for developing, implementing, and maintaining a robust information security framework to protect the bank’s digital assets, systems, and customer data from internal and external threats. The role involves ensuring compliance with regulatory requirements, identifying security risks, and implementing measures to mitigate them while supporting the bank’s IT operations and objectives.

Main Responsibilities:

• Develop, implement, and maintain information security policies, procedures, and standards aligned with industry best practices and regulatory requirements.
• Conduct regular risk assessments and vulnerability scans to identify potential security threats and vulnerabilities.
• Design and implement security controls to mitigate identified risks and protect organizational assets.
• Monitor and analyze security events and incidents, leading incident response efforts when necessary.
• Manage the organization’s security awareness program, providing training and guidance to employees on security best practices.
• Collaborate with IT teams to ensure the secure configuration and maintenance of network infrastructure, systems, and applications.
• Stay up-to-date with emerging cybersecurity threats and trends, recommending and implementing appropriate countermeasures.
• Ensure compliance with relevant data protection laws and regulations, including Nigerian data protection requirements.
• Perform regular security audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement.
• Manage relationships with external security vendors and service providers.

Necessary Experience and Requirements:

• B.Sc./HND in Computer Science or related discipline with cognate experience.
• Minimum of 4 years’ experience working in related environment with a variety of technology and security solutions.
• Ability to perform vulnerability assessments, compliance audits, penetration testing, and the experience is an asset.
• Technical knowledge of state-of-the art Technology and Cybersecurity tools, demonstrable passion for information security and data privacy, strong focus on compliance.
• Understanding of the financial sector business processes and related technology, security is an asset.
• Good knowledge of ISO27001 security control and information security management
• Good understanding of operational risks and security in a financial sector
• Excellent analytical and problem-solving skills including the ability to define problems, collect data, establish facts and draw valid conclusion.

Desired experience and knowledge:

• Relevant certifications such as CompTIA Security+, CEH and ISO 27001 Lead Implementer or information security related certification would be an advantage
• Prior working experience with financial systems and solutions (e.g., core banking system) and Enterprise infrastructure.
• Background in the financial sector (banking, microfinance, insurance, etc.) or technology industry (telecommunication, managed services, etc.) or technology and cybersecurity/information security similar sector.

Personal Attributes:

• Highly motivated and a team-player with a strong development potential.
• Strong ethical conduct, honesty, and integrity.
• Ability to adapt to changing environments and priorities