34 Cloud Security jobs in Nigeria

We are seeking an experienced Information Security Consultant with strong offensive and defensive cybersecurity skills. The ideal candidate has a hacker's mindset — able to think like an attacker to identify vulnerabilities, but also experienced in building strategies, defenses, and best practices to secure organizations against threats.

Key Responsibilities

• Conduct security assessments and penetration tests across networks, web apps, mobile apps, and cloud environments.
• Identify and exploit vulnerabilities, then provide actionable remediation guidance.
• Advise clients on risk management, security policies, and compliance (ISO 27001, NIST, GDPR, etc.).
• Perform threat modeling and security architecture reviews.
• Develop and deliver incident response plans and conduct post-breach investigations.
• Provide security awareness training and help organizations build a strong security culture.
• Stay current with emerging threats, vulnerabilities, exploits, and mitigation techniques.

Required Skills & Knowledge

• Strong understanding of operating systems (Linux, Windows, macOS, mobile platforms).
• Deep knowledge of networking protocols (TCP/IP, DNS, HTTP/S, VPNs, firewalls).
• Hands-on experience with penetration testing tools (Burp Suite, Metasploit, Nmap, Wireshark, etc.).
• Proficiency in scripting/programming: Python, Bash, PowerShell; familiarity with C/C++ and JavaScript is a plus.
• Knowledge of web app security (OWASP Top 10) and common vulnerabilities (SQLi, XSS, CSRF, privilege escalation).
• Experience with cloud platforms (AWS, Azure, GCP) and their security models.
• Familiarity with cryptography, authentication, and identity management.
• Strong communication skills — ability to present findings to both technical and non-technical audiences.

Preferred Certifications (not mandatory)

• OSCP, OSCE, OSEP (for offensive security skills).
• CISSP, CISM, CISA (for governance & consulting credibility).
• CEH (Certified Ethical Hacker) or equivalent.
• GIAC certifications (GCIH, GPEN, GREM, etc.).

Job Type: Full-time

Pay: ₦250, ₦300,000.00 per month

Duplo is building the platform to power the next generation of financial services. Our mission is to help companies expand financial access for all. Our simple and powerful banking-as-a-service API helps companies quickly launch financial products.

We are recruiting to fill the position below:

Job Position: Information Security Manager

Job Location: Lagos (Hybrid)

Description

• This is a unique opportunity. You'll have the responsibility and resources to take a significant part in the creation of a paradigm-changing product that will impact millions.

Responsibilities

Strategic Leadership & Governance:

• Define and lead the strategic direction of our Information Security program in alignment with the Board-approved policies.
• Oversee the design and execution of enterprise-wide cybersecurity strategies to protect critical business information systems and assets.
• Develop and maintain an information security governance framework, ensuring appropriate accountability, risk management, and compliance with applicable laws and regulations.

Operational & Budgetary Management:

• Direct and manage the security operations, including security architecture, vulnerability management, identity & access management, incident response, and threat intelligence.
  
  Administer the information security budget, optimizing investments in tools, resources, and staff to support ongoing protection efforts.

Regulatory & Risk Management:

• Monitor and interpret national and global regulatory developments, cyber threats, and trends to proactively enhance our security posture.
• Serve as the liaison with the CBN, law enforcement, and other regulatory agencies on security-related matters, including audits and compliance reporting.
• Ensure compliance with CBN guidelines, NDPR, GDPR (where applicable), ISO 27001, PCI-DSS, and other security frameworks or standards.

Program Development & Implementation:

• Develop and continuously improve a comprehensive information security program, encompassing: Risk assessments and management, Data protection and encryption policies, Security awareness training ,Incident detection and response plans and Vendor risk management
• Lead information security planning across all business areas, including administrative, legal, financial, and technology functions.

Stakeholder Communication & Awareness:

• Report regularly to senior management and the Board on the status of the information security posture, risk exposure, mitigation actions, and resource needs.
• Drive a culture of cybersecurity awareness throughout the organization via continuous education and engagement.
• Collaborate with other business units to integrate security considerations into project planning and digital innovation initiatives.

Technical & Professional Requirements

• Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or related fields.
• Minimum of 7 years of post-qualification experience, with:
• At least 5 years in an IT security or audit role
• Strong knowledge of banking regulations, especially CBN Guidelines related to information and cybersecurity.
• Experience in leading incident response and crisis communication efforts.
• Familiarity with core banking systems, payment platforms, and financial technology infrastructures.
• Proven ability to build and lead high-performing security teams.
• Effective communication skills to convey complex security topics to non-technical stakeholders.

Professional Certifications in at least one of the following:

• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• ISO/IEC 27001 Lead Implementer or Lead Auditor
• Other relevant IT security/audit certification.

Overview:

We're seeking an Information Security Officer to oversee security governance, risk management, and compliance across the organization. This role ensures that security policies, controls, and practices align with business objectives while meeting local and industry regulatory requirements. The ideal candidate will have deep experience in security governance and translating technical risks into business terms for executives and stakeholders.

At TeKnowledge, your work makes an impact from day one. We partner with organizations to deliver AI-First Expert Technology Services that drive meaningful impact in AI, Customer Experience, and Cybersecurity. We turn complexity into clarity and potential into progress—in a place where people lead and tech empowers.

You'll be part of a diverse and inclusive team where trust, teamwork, and shared success fuel everything we do. We push boundaries, using advanced technologies to solve complex challenges for clients around the world.

Here, your work drives real change, and your ideas help shape the future of technology. We invest in you with top-tier training, mentorship, and career development—ensuring you stay ahead in an ever-evolving world.

Why You'll Enjoy It Here:

• Be Part of Something Big – A growing company where your contributions matter.
• Make an Immediate Impact – Support groundbreaking technologies with real-world results.
• Work on Cutting-Edge Tech – AI, cybersecurity, and next-gen digital solutions.
• Thrive in an Inclusive Team – A culture built on trust, collaboration, and respect.
• We Care – Integrity, empathy, and purpose guide every decision.

We're looking for innovators, problem-solvers, and experts ready to drive change and grow with us.

We Are TeKnowledge. Where People Lead and Tech Empowers.

Responsibilities:

• Ensure policies, controls, and security practices are aligned with business goals and regulatory compliance.
• Define, implement, and maintain IT processes derived from security policies.
• Oversee compliance with industry standards, local regulations, and internal security frameworks.
• Translate security risks into clear business impacts for senior leadership and stakeholders.
• Work closely with risk, compliance, and IT teams to monitor adherence to security requirements.
• Contribute to security awareness initiatives and governance reporting.
• Support audit processes, remediation efforts, and continuous improvement of security posture.

Qualifications:

Education & Certifications

• 4-year IT-related degree (mandatory).
• CISM and CISSP certifications (required).

Experience

• 7 years of experience in the cybersecurity domain.
• Proven track record in defining IT processes, aligning them with policies, and ensuring compliance with local and industry regulations.

Core Skills & Competencies

• Strong expertise in security governance, risk, and compliance.
• Ability to translate technical security risks into business language.
• Excellent stakeholder engagement and communication skills.
• Strategic mindset with attention to regulatory and operational requirements.
• Proactive approach to identifying gaps and recommending improvements.

The Chief Information Security Officer (CISO) will be responsible for establishing, implementing, and managing a comprehensive cybersecurity strategy for the Oil & Gas organization. This role focuses on safeguarding IT and OT (Operational Technology) environments, ensuring regulatory compliance, managing cyber risks, and protecting critical infrastructure assets. The CISO will collaborate with executive leadership, business units, and external partners to ensure resilience against emerging threats.

Key Responsibilities

Strategic Leadership

• Define and execute the enterprise-wide information and cyber security strategy aligned with business and regulatory requirements.
• Lead security programs covering IT, OT/ICS, cloud, and digital transformation initiatives.
• Advise executive leadership and the Board on cybersecurity risks and investments.

Cybersecurity Governance & Risk Management

• Develop and enforce information security policies, standards, and procedures.
• Oversee enterprise risk assessments, threat modeling, and incident response planning.
• Ensure compliance with industry regulations (e.g., NIST, ISO 27001, IEC 62443, GDPR, local oil & gas cybersecurity regulations).

Operational & Technical Security

• Protect SCADA, ICS, and critical OT infrastructure from cyber threats.
• Implement advanced threat detection, monitoring, and response capabilities (SOC).
• Oversee identity and access management, network security, data protection, and endpoint security programs.

Incident Response & Business Continuity

• Establish and lead a cyber incident response team (CIRT).
• Manage security incidents, forensic investigations, and root cause analysis.
• Align business continuity and disaster recovery with cybersecurity resilience.

Stakeholder & Vendor Management

• Partner with internal stakeholders, regulators, and industry bodies to strengthen security posture.
• Manage third-party vendor security, contract compliance, and supply chain risk.
• Build cybersecurity awareness programs for employees and contractors.

Qualifications & Experience

• Bachelors or Masters degree in Computer Science, Information Security, Engineering, or related field.
• 15+ years of IT/Information Security experience with at least 7+ years in leadership.
• Proven experience in Oil & Gas, Energy, or other critical infrastructure industries.
• Strong understanding of OT/ICS security frameworks (ISA/IEC 62443, NIST CSF, etc.).
• Expertise in risk management, regulatory compliance, cloud security, and incident management.
• Relevant certifications: CISSP, CISM, CISA, CCISO, GICSP (preferred for Oil & Gas).

The Chief Information Officer (CIO) will lead the overall IT and Digital strategy for the organization, enabling operational excellence, innovation, and secure digital transformation within the oil and gas sector. The CIO will be responsible for aligning IT systems, cybersecurity, and digital technologies with business goals across upstream, midstream, and downstream operations while driving cost efficiency and ensuring regulatory compliance.

Key Responsibilities

Strategic Leadership

• Define and execute the companys IT and Digital Transformation roadmap aligned with business objectives.
• Partner with business leaders across Exploration, Production, Refining, and Supply Chain to drive technology-enabled value creation.
• Lead adoption of emerging technologies such as IoT, AI/ML, Cloud, Data Analytics, and Industrial Automation for Oil & Gas operations.

Technology & Operations Management

• Oversee IT infrastructure, enterprise applications (ERP, SCADA, ETRM, Asset Management Systems, etc.), and field automation solutions.
• Implement advanced data analytics for reservoir modeling, predictive maintenance, and production optimization.
• Ensure high availability, resilience, and scalability of IT and OT (Operational Technology) systems.

Cybersecurity & Risk Management

• Develop and enforce cybersecurity strategies protecting both IT and OT environments against evolving threats.
• Ensure compliance with global oil & gas standards (ISO, NIST, NERC, OISD, API, etc.).
• Oversee disaster recovery, business continuity planning, and risk management frameworks.

Vendor & Stakeholder Management

• Drive value through IT procurement, contract negotiations, and vendor partnerships.
• Manage relationships with technology partners, regulators, and industry consortiums.
• Foster collaboration across business, field operations, and support functions.

People Leadership

• Build and lead a high-performing IT and digital workforce.
• Promote a culture of innovation, agility, and continuous improvement.
• Mentor and develop IT leaders for future succession.

Qualifications & Experience

• Bachelors degree in Computer Science, Information Technology, or Engineering (Masters preferred; MBA a plus).
• 15+ years of progressive IT leadership experience, with at least 7 years in senior leadership within Oil & Gas, Energy, or Process Industries.
• Proven expertise in digital transformation within exploration, production, or downstream operations.
• Strong knowledge of ERP systems (SAP, Oracle), field automation, SCADA/DCS, IoT, AI/ML, and cloud adoption.
• Deep understanding of IT/OT convergence and cybersecurity in critical infrastructure.
• Excellent leadership, stakeholder management, and communication skills.

Key Competencies

• Strategic Vision & Business Acumen
• Strong Technology & Operational Knowledge
• Risk Management & Cybersecurity Leadership
• Digital Transformation & Innovation Focus
• Influencing & Change Management Skills
• Collaboration with C-Suite and Global Stakeholders

Management Level
Senior Associate

Job Description & Summary
At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients.

PwC is driving major changes across information and cyber security by building a centralized model to provide security services across the entire network of member firms.  Mandated at the network level, Network Information Security (NIS) operates outside Information Technology (IT) and is responsible for this major program initiative, from definition of the security strategy to the execution of the global Cyber Readiness Program, moving from local to globally provided services.

Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries' cost of attack.

NIS is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients.

If you are seeking an exciting career with the scope to grow your cyber security skills through major change on a global scale, then NIS will empower you to do so.

What does your work look like?
This role is part of the Central and Eastern Europe (CEE) Chief Information Security Office (CISO) team.  CEE CISO team enables local and CEE regional security effectiveness and helps remove roadblocks and barriers from Cyber Readiness Program journey.

Your skills and responsibilities include but are not limited to:

• You will collaborate with both the NIS global teams and the CEE network of firms to support issue resolution and drive progress against better adoption of Cyber Readiness Program
• Incident oversight - providing advice, direction and escalation where applicable
• Collaborate with our global teams to ensure member firm needs are reflected in centrally driven activities.
• Support, initiate and run regular Cybersecurity Hygiene activities in CEE
• Risk Identification and follow up on remediation
• Advise on Policy & Standards Compliance
• Application and Infrastructure vulnerability management - track and drive remediation to drive down line of security risk
• Contribution to audits
• Partner with CEE IT, and business teams for large or complex projects requiring senior security input and decision-making capabilities
• Security consultation, governance, escalations, and support regarding Information Security
• Education and coaching CEE Stakeholder communities regarding NIS  Cyber Readiness Program

Who are you?

• High level understanding of professional services industry business model, service offerings, and threat landscapes
• Aligning technical and the business world – ability to influence
• Interest in Information Security and a broad understanding of its ability to act as a differentiator in the market
• Solid understanding of technical information security risks in all of its facets
• Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
• Creative problem solving and strong communication skills.
• Possess a growth mindset and be able to adapt to operate in different environments.
• Bachelor or Master's degree, or equivalent Industry certification
• NYSC Certificate / Exemption
• Up to 3 Years' experience in a relevant information security role is an advantage
• CompTIA Security+ or similar professional certification is an advantage

Travel Requirements

Available for Work Visa Sponsorship?

Job Posting End Date
October 3, 2025

Management Level

Senior Associate

Job Description & Summary

At PwC, our people in cybersecurity focus on protecting organisations from cyber threats through advanced technologies and strategies. They work to identify vulnerabilities, develop secure systems, and provide proactive solutions to safeguard sensitive data.

Those in information security at PwC will focus on protecting sensitive data and systems from cyber threats through risk assessments, security audits, and implementing robust security measures. Your work will help enable the confidentiality, integrity, and availability of information assets for clients.

PwC is driving major changes across information and cyber security by building a centralized model to provide security services across the entire network of member firms. Mandated at the network level, Network Information Security (NIS) operates outside Information Technology (IT) and is responsible for this major program initiative, from definition of the security strategy to the execution of the global Cyber Readiness Program, moving from local to globally provided services.

Our mission is to identify, control, and reduce the attack surface across the network of member firms while increasing our adversaries' cost of attack.

NIS is redefining cyber security on a global scale at PwC. Our mission protects 223,000 PwC members across 157 member firms worldwide, as well as our global clients.

If you are seeking an exciting career with the scope to grow your cyber security skills through major change on a global scale, then NIS will empower you to do so.

What does your work look like?

This role is part of the Central and Eastern Europe (CEE) Chief Information Security Office (CISO) team. CEE CISO team enables local and CEE regional security effectiveness and helps remove roadblocks and barriers from Cyber Readiness Program journey.

Your skills and responsibilities include but are not limited to:

• You will collaborate with both the NIS global teams and the CEE network of firms to support issue resolution and drive progress against better adoption of Cyber Readiness Program
• Incident oversight - providing advice, direction and escalation where applicable
• Collaborate with our global teams to ensure member firm needs are reflected in centrally driven activities.
• Support, initiate and run regular Cybersecurity Hygiene activities in CEE
• Risk Identification and follow up on remediation
• Advise on Policy & Standards Compliance
• Application and Infrastructure vulnerability management - track and drive remediation to drive down line of security risk
• Contribution to audits
• Partner with CEE IT, and business teams for large or complex projects requiring senior security input and decision-making capabilities
• Security consultation, governance, escalations, and support regarding Information Security
  Education and coaching CEE Stakeholder communities regarding NIS Cyber Readiness Program

Who are you?

• High level understanding of professional services industry business model, service offerings, and threat landscapes
• Aligning technical and the business world – ability to influence
• Interest in Information Security and a broad understanding of its ability to act as a differentiator in the market
• Solid understanding of technical information security risks in all of its facets
• Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
• Creative problem solving and strong communication skills.
• Possess a growth mindset and be able to adapt to operate in different environments.
• Bachelor or Master's degree, or equivalent Industry certification
• NYSC Certificate / Exemption
• Up to 3 Years' experience in a relevant information security role is an advantage
• CompTIA Security+ or similar professional certification is an advantage

Travel Requirements

Available for Work Visa Sponsorship?

Job Posting End Date

October 3, 2025

Today

Lagos Full Time

Banking, Finance & Insurance NGN 900,000 - 1,200,000

Easy Apply

Directing Others. Developing Others Decision Quality & Problem Solving Interpersonal Skills. Attention to Detail

To design and enforce policies and procedures that will protect computing infrastructure from all forms of security breaches. To establish and maintain the Bank's vision, strategy, and program to ensure information assets and technologies are adequately protected.

• Minimum Qualification : Degree
• Experience Level : Senior level
• Experience Length : 7 years

Responsibilities:

• Developing and implementing information security policies, procedures, and guidelines.
• Communicating the information security policy to all relevant personnel and customers where applicable.
• Leading incident response and recovery efforts in case of security breaches or incidents.
• Conducting regular security assessments, audits, and risk assessments to identify vulnerabilities and mitigate risks.
• Identifying, developing, implementing, and maintaining processes across the Bank to reduce information and information technology (IT) risks
• Providing guidance and training to staff members on security best practices and compliance requirements
• Collaborating with vendors and third-party partners to assess their security posture and manage risks associated with external relationships.
• Ensuring regular cloud back-ups, secondary data Centre and other back-ups
• Keeping abreast of the latest cybersecurity trends, threats, and technologies to continuously enhance our security posture.
• Overseeing and implementing the cybersecurity programme and strategies approved by the Board.
• Develop secure business and communication practices, identify security objectives and metrics, recommend the acquisition of security products/tools to keep information assets safe and resilient, maintain the bank's data privacy and ensure all employees undertake security awareness training periodically.
• Co-ordinate ISO 27001 and 22301 recertification and other certification audits relating to the information system of the Bank.
• Identify vulnerabilities in our current networks.
  Ensure proper information risk management, including research and investigative measures that address data security risk and potential losses for reporting purposes.

Requirements:

• Minimum of HND/B.Sc in computer science or a related field and a minimum of 3-5 years of progressive experience in information security and the banking industry.
• Relevant professional certifications such as CISA, ISO, CISM or CISSP and qualified membership of a professional accounting body, an MBA or other IT certifications and/or a second degree are added advantages.
• Experience in an information security role, cybersecurity.
• Solid knowledge of various information security frameworks.
• Excellent problem-solving and analytical skills.
• Ability to educate a non-technical audience about various security measures.
• Strong knowledge of regulatory bodies and the regulations and guidance issued by these bodies overseeing banks, credit unions, and financial services organisations, such as the FDIC, FinCEN, Federal Reserve Board, Office of Thrift Supervision, and NCUA
• Effective verbal and written communication skills.
• Knowledge of a mortgage bank's structure, operations, policies and procedures.
• Knowledge of a mortgage bank's products and services.
• Knowledge of ethics and fraud-related issues.
• Knowledge of corporate governance.
• Knowledge of tax operations/regulations.
• Knowledge of relevant financial reporting standards.
• Knowledge of a mortgage bank's banking applications and channels.
• Working relationship with law enforcement agencies and other banks.
• Knowledge of system access control.
• Knowledge of system architecture and security.
• Knowledge of controls that have been put in place in the bank's operating environment.
• Knowledge of the principle of audit & control, risk-based audit and risk assessment process.
• Knowledge of the principle of dual control.
• Knowledge of Database Management Systems.
• Knowledge of query languages (e.g., SQL).

The resource shall be responsible for the following

• Carry out procedural system maintenance on all IT systems.

• Ensure all networks including but not limited to LAN, MAN, WAN, GAN meets the

demand of the company.

• Troubleshoot system and network problems, diagnosing and solving hardware or

software faults and replace parts as required.

• Maintain all IT system work flows.

• Maintain and update all IT Networks.

• Maintain and contribute to the development of IT Network.

• Participate actively in developing, planning and implementing advance IT systems.

• Other duties as assigned.

Functions:

• Lead cybersecurity initiatives in conjunction with Group Cybersecurity team.

• Design and implement security controls to safeguard and monitor events for

information systems, enterprise applications and data.

• Lead the implementation of Information Security projects

• Drive internal and external vulnerability assessment, penetration tests

engagements and manage results to remediation.

• Respond to escalated security events and drive security incident response

processes to ensure timely resolution with minimal disruption.

• Design, document, and deploy secure infrastructure solutions to enhance and

evolve the security posture of the business to ensure integrity, availability and

confidentiality of all critical enterprise data.

• Provide expertise on security tools, including but not limited to firewalls, Web

Application firewalls, IDS/IDP, anti-malware software

• Liaise with stakeholders in respect of operational implementation of security

policies and best practices

• Collaborate with the Client Server Team to ensure that technical plans are practical,

controls are sustainable, and implementations are managed to minimize risks and

adverse impact to servers, workstations and user productivity.

• Implement the infrastructure, configurations and processes to monitor security

related events

• Prevent data loss and service interruptions by researching new technologies that

will effectively protect the enterprise network.Supervisory/Managerial Responsibilities:

• Ensure conformance to Cybersecurity Blueprint/Roadmap

• Provide inputs to company strategic plan on all initiatives to ensure that Security

gaps/vulnerabilities are identified & closed

• Establish and ensure credibility through strong relationships, value-add to

operations and professionalism

Experience:

• Minimum of 5 years' experience in an area of Security specialisation; with

experience working with others

• Experience working in a Large organization and preferably in the

Telecommunications industry

• Strong background as an Engineer/Architect in application security infrastructure

and various network technologies to include devices such as firewalls, VPN,

intrusion/extrusion detection, vulnerability & risk assessment tools, encryption

technologies, virus/worm/malware prevention, E-business and web application

technologies, Data Loss Prevention, whole disk & device encryption solutions,

two factor authentication, common Windows (desktop & server) platforms

• Experience with Microsoft, Solaris, Unix, Oracle and MS SQL

• Experience working in telecommunications industry

• Managing network and / or network security

• Knowledge should be current with information security best practices and global

trends

• Knowledge of security best practices such as; defense in-depth, least privileges,

need-to-know, separation of duties, access controls, encryption

• User account identity, authorization and authentication management.

• Security incident and event management

• Experience in researching new or emerging technologies and processes that may be

incorporated as solutions to reoccurring security concernTraining:

• Penetration Testing

• Vulnerability lifecycle management

• Advanced Security Incidence Reponse

• Systems Auditing, Database Security, Firewall Design, Intrusion detection system

administration Implementation

• Security enforcement on systems level, security audit and vulnerability

management

• • Telecommunications, Network, wireless & Internet Security

About the role:

The Manager of Information Management Security plays a pivotal role in overseeing and safeguarding the company's information assets, ensuring robust security measures, and aligning IT security strategies with overall business objectives. This position is integral to maintaining the integrity, confidentiality, and availability of information within the company and across client solutions. The Manager will develop and enforce security policies, manage the company's cybersecurity programs, and ensure compliance with industry standards. The role directly supports the company's mission of delivering reliable, secure, and scalable technology solutions to organizations, reinforcing customer trust and system resilience.

.
RESPONSIBILITIES:

1. Security Strategy Development and Implementation:

2. Develop and implement the company's cybersecurity strategy to protect information systems and assets.

3. Collaborate with business units to align security strategies with organizational goals.

4. Drive risk assessments, threat modeling, and vulnerability assessments.

5. Policy and Compliance Management:

6. Establish and maintain security policies, standards, and guidelines.

7. Ensure compliance with regulatory requirements such as GDPR, HIPAA, and ISO/IEC 27001.

8. Oversee the implementation of data protection and information governance best practices.

9. Incident Management and Response:

10. Lead incident response planning and execution, ensuring timely mitigation of security breaches.

11. Investigate and report security incidents, ensuring continuous improvement in response protocols.

12. Conduct post-incident reviews and coordinate remediation activities.

13. Team Leadership and Development:

14. Lead a team of security professionals, providing direction, mentorship, and performance evaluations.

15. Foster a security-conscious culture within the organization, providing ongoing training and awareness programs.

16. Collaborate with cross-functional teams, including IT, legal, and operations.

17. Vendor and Solution Management:

18. Evaluate, select, and manage security vendors and third-party service providers.

19. Oversee security technology deployments, including firewalls, encryption systems, IDS/IPS, and endpoint protection.

20. Monitor and review security solutions for effectiveness and continuous improvement.

21. Continuous Monitoring and Threat Intelligence:

22. Implement and manage security monitoring systems, ensuring continuous oversight of network traffic and system behavior.

23. Stay up-to-date on emerging cybersecurity threats and trends, adjusting strategies as necessary.

24. Conduct regular security audits and penetration tests to validate system security.

25. Stakeholder Communication:

26. Communicate security risks and incident updates to executive management and relevant stakeholders.

27. Prepare security reports, including analysis of incidents and mitigation strategies.
28. Advocate for the importance of security within business operations and strategy.

QUALIFICATIONS REQUIRED:

• Bachelor's Degree
  in Computer Science, Information Technology, Cybersecurity, or related field. A
  Master's Degree
  is an added advantage.
• 10+ years of experience
  in IT security roles, with at least 5 years in a managerial or leadership position.
• Proven experience in developing and implementing security policies and strategies in a business environment.
• Demonstrated track record of managing complex security projects and initiatives.