Employer: Etisalat Nig
Etisalat Nigeria is recruiting to fill the below position of:
►Job Title: Head, IT Risk Management
►Location: Lagos, NG
The Company
Etisalat Nigeria is recruiting to fill the below position of:
►Job Title: Head, IT Risk Management
►Location: Lagos, NG
The Company
Etisalat's vision is a world where people's reach is not limited by matter or distance;
a world where people will effortlessly stay in touch with family and friends; a world where businesses of all sizes can reach new markets without the limitations of distance and travel.
Job Summary
Responsible for maintaining a current IT risk universe based on the top risk categories for all information assets and spheres of activity of the IT function.
Manage the information security, IT business continuity and operational risk oversight functions and ensure strict adherence to IT risk processes, compliance monitoring and reporting, Liaise with all internal audit/assurance providers and other parts of the enterprise as part of the overall enterprise-wide risk management.
Provide relevant and timely information on key risk indicators (KRI) to Senior IT Risk management for effective risk oversight. Entrench a risk-conscious culture across the department and throughout the organization.
Principal Functions
Develop and maintain the IT Risk Management framework by proactively developing and implementing an annual ITRM program and conduct periodic reviews to keep it current and relevant.
Provide inputs to overall IT strategy formulation, lead the strategic risk management vision for the unit and ensure strategy delivery through the application of exceptional leadership skills, network of internal and external alliances and highly developed business skills.
Responsible for ensuring that overall IT risk profile is maintained within acceptable levels
Accountable for IT risk management activities/issues affecting the organization and for implementing IT Risk policies, plans and procedures, and organizational structures designed to provide reasonable assurance that:
IT Risk is well-structured, equipped and aligned to achieve business objectives
Undesired events are detected, prevented and corrected, and
IT risks are managed appropriately
Lead the identification of key risk indicators (KRIs) for the department across all information assets and functions based on current information and trends to provide relevant & timely information for effective risk oversight.
Coordinate the activities of the IT Risk Council, design, implement and own the Governance, Risk & Control (GRC) program for the department.
Drives and delivers Business Continuity commitment, support, ownership, accountability and results.
Design, build and implement standard Risk Assessments, Business Impact Analysis, and other Business Continuity tools and capabilities.
Drives and delivers effective Business Continuity strategies to support and, in time of disaster, recover the company's critical business functions.
Directs the continuous and regular validation and testing of documented Business Continuity plans
Provides credible risk governance, integrates risk management and strategy execution and prioritizes actions based on impact on reputation and continued viability.
Aggregates information to identify operational control weaknesses and build a risk management dashboard that is refreshed and published periodically.
Ensure all identified operational risks are resolved timely.
Uses behavioral change management techniques to maintain risk awareness capabilities across groups within and outside the IT function.
Collaborates with assurance providers to provide an opinion on the control environment.
Carry out other activities as instructed by the Chief Information Officer.
Educational Requirements
First degree or equivalent in Computer Science/IT, or a related or relevant discipline.
Postgraduate and/or professional qualification in related fields will be an added advantage;
Experience, Skills & Competencies
Deep knowledge of information security and controls is required.
Demonstrable knowledge, and optionally certifications in products, protocols and technologies are strong requirements
Knowledge and experience in implementing globally accepted IT risk, control and BCM standards highly desired
Nine (9) to Twelve (12) years of combined Telecom/IT/IT risk advisory experience in leading and high-impact role(s) with progressive levels of responsibilities, Six years in a solution architecting & 3 years at managerial level.
An ideal candidate will have solid experience spanning advisory and industry / operational roles.
Sound knowledge of internal business processes, outsourcing, program management and the mobile telecommunications industry
Demonstrate a broad based operational perspective and provides solutions for all forms of business risk
Recognized risk/control authority who can articulate risk/reward trade-offs clearly and is dynamic, proactive and decisive.
Ability to adapt well and initiate change in the organization.
Continuously seeks ways to optimize risks in the organization as a competitive business advantage
Highly developed business communications skill (verbal and written), team player, change agent, strategic and creative, excellent project management skills and the ability to drive performance, risk consciousness and compliance from all areas within the company
Knowledge of/familiarity with global/leading IT risk standards will be advantageous.
Ability to cope and deliver at satisfactorily high levels when under intense pressure
Exceptional analytical, quick-learning and critical thinking skills;
Strong influencing and change management skills.
Application Closing Date
Not Stated
Method of Application
Interested and qualified candidates should