IT Risk & IT Control Supervisor Job at Ikeja Electricity Distribution Company Plc

Ikeja Electricity Distribution Company (IKEDC) - Buoyed by a mission to redefine customer experience and be the provider of choice wherever energy is consumed, the Ikeja Electric (IE), Nigeria's largest power distribution network, came into existence on November 1st, 2013 following the handover of the defunct Power Holding Company Of Nigeria (PHCN) to NEDC/ KEPCO Consortium under the privatization scheme of the Federal Government of Nigeria.

We are recruiting to fill the position below:

Job Position: IT Risk & IT Control Supervisor

Job Location: Lagos
Job Type: Full time
Reporting to: IT Risk & IT Control Manager

Role Purpose

  • A technical, process and detail-oriented IT risk and IT control supervisor to manage risks around IT operational processes and monitor IT controls over information assets.
  • He will also perform detailed evaluation of information systems and track technology compliance with various standards.

Responsibilities

  • Provide support to ensure that comprehensive risk assessments are performed for all the organizations’ information assets, supporting technical infrastructure and associated service and support processes, electronic banking products and services and supporting platforms/technologies.
  • Provide support to ensure that comprehensive and effective risk treatment plans are developed and maintained for the organizations’ information assets, supporting technical infrastructure, and electronic payments applications, services and platforms.
  • Work with the relevant teams on effective identification, assessment, treatment, monitoring, recording and reporting of risks relating to the IT environment and technology related assets or projects in the organisation. Proactively tracks such risks and treatments and escalates significant updates for management attention.
  • Support the IT Risk & IT Control Manager in:
    • Ensuring that a framework of policies, standards and procedures for information security and risk management are developed, implemented and maintained based on global best practices for information security management to protect the organizations’ information assets.
    • Ensuring the implementation of adequate and effective security controls and processes including data privacy and protection that will safeguard the availability, integrity and confidentiality of the organization’s information assets and technology infrastructure.
    • Ensuring effective coordination/implementation support of all information security projects and initiatives including BCP/DRP relating to IT environment.
    • Developing and implementing awareness programmes and campaigns to promote information security consciousness and compliance across the organization.
    • Developing and implementing a process for achieving and maintaining compliance with the ISO 27001 international standard for Information Security Management 
  • Identify weaknesses within the organization's information systems and infrastructure and suggest innovative measures to mitigate the risks that impact business objectives.
  • Assess system control effectiveness and adequacy for the day-to-day running of business systems, processes, and application controls.
  • See to it that system controls that meet business requirements are embedded at all levels of system development/acquisition life cycle (SDLC).
  • Monitor system controls to ensure that segregation of duties in all business systems and IT infrastructure at all times by enforcing maker-checker controls for greater accountability.
  • Under the supervision of the IT Risk and IT Control Manager, coordinate and collaborate with various departments within the organization to formulate, implement and disseminate company-wide policies and standards for ensuring confidentiality, integrity and availability of information assets.
  • Prepare IT risk and IT control reports under the supervision of the IT Risk and IT Control Manager.
  • Perform miscellaneous job-related duties as assigned by the line manager.

Minimum Qualifications

  • A good First Degree or equivalent in Computer Science, Information Technology, or in any related discipline.
  • Relevant professional certifications in system/IT audit, risk or control, and risk management will be an added advantage.
  • IT risk management/ IT control experience of not less than 4 years in any relevant sector.

Technical Competencies:

  • Analytical skill
  • Project management skill
  • Oral and written communication skill.
  • Persuasive skills
  • Organizational skills
  • Good understanding of Information Security Practices
  • Good understanding of IT service management, IT software development/acquisition lifecycle, and IT operations processes

Behavioral Competencies:

  • Confidentiality
  • Objectivity
  • Judgment
  • Team building
  • Change catalyst
  • Leadership skills