Let's Connect!

Manager Audit Risk & Compliance 127 views

MTN Nigeria limited needs Manager Audit Risk and Compliance.

Job Description:

  • Responsible For The Definition Of MTN Nigeria Information Security Policy, Embedding Security Policy Into Operation And Leading Security Risk Assessment Efforts And Associated Controls & Reporting In Line With The Group Policies.
  • Drive Effective Coordination And Closure Of All IS Compliance Activities, Including Control Tracking And Actual Submissions For Closure.
  • Support The Shareholder Return Strategy By Developing And Implementing Information Systems Processes That Are Aligned To Achieving All Elements On The Business Score Card. (I.E. Grow Market Share, Grow ICT & Data Revenue, Increase EBITDA Margins, Assure Revenue, CAPEX Returns Management And Net Subscriber Additions).
  • Monitor The Information Systems Control Design And Implementation Process To Ensure That It Is Implemented Effectively And Within Time, Budget And Scope
  • Maintain Effective Working Relationships With Internal And External Suppliers.
  • Serve As Liaison To Auditors, Consultants, And The Bank Compliance Committee Regarding Documentation And Review Of Information Compliance
  • Provide Progress Reports On The Implementation Of Information Systems Controls To Inform Stakeholders And To Ensure That Deviations Are Promptly Addressed.
  • Develop A Risk Awareness Program And Conduct Training To Ensure That Stakeholders Understand Risk And Contribute To The Risk Management Process And To Promote A Risk-Aware Culture.
  • Provide Information Systems Control Status Reporting To Relevant Stakeholders To Enable Informed Decision Making.
  • Identify, Assess And Evaluate Risk To Enable The Execution Of The Enterprise Risk Management Strategy
  • Collect Information And Review Documentation To Ensure That Risk Scenarios Are Identified And Evaluated.
  • Identify Legal, Regulatory And Contractual Requirements And Organizational Policies And Standards Related To Information Systems To Determine Their Potential Impact On The Business Objectives.
  • Identify Potential Threats And Vulnerabilities For Business Processes, Associated Data And Supporting Capabilities To Assist In The Evaluation Of Enterprise Risk.
  • Create And Maintain A Risk Register To Ensure That All Identified Risk Factors Are Accounted For.
  • Assemble Risk Scenarios To Estimate The Likelihood And Impact Of Significant Events To The Organization.
  • Analyze Risk Scenarios To Determine Their Impact On Business Objectives.
  • Develop An Information Security Strategy Aligned With Business Goals And Objectives And Ensure Aligning Of Information Security Strategy To Corporate Governance
  • Correlate Identified Risk Scenarios To Relevant Business Processes To Assist In Identifying Risk Ownership.
  • Validate Risk Appetite And Tolerance With Senior Leadership And Key Stakeholders To Ensure Alignment
  • Interview Process Owners And Review Process Design Documentation To Gain An Understanding Of The Business Process Objectives.
  • Analyze And Document Business Process Objectives And Design To Identify Required Information Systems Controls.
  • Facilitate The Identification Of Resources (E.G. People, Infrastructure, Information, Architecture) Required To Implement And Operate Information Systems Controls At An Optimal Level.
  • Ensure All Controls Are Assigned Control Owners To Establish Accountability And Establish Control Criteria To Enable Control Life Cycle Management
  • Establish Internal And External Reporting And Communication Channels That Support Information Security
  • Design And Implement Information Systems Controls In Alignment With The Organization’s Risk Appetite And Tolerance Levels To Support Business Objectives.
  • Facilitate The Identification Of Metrics And Key Performance Indicators (KPIs) To Enable The Measurement Of Information Systems Control Performance In Meeting Business Objectives.
  • Develop And Implement Risk Responses To Ensure That Risk Factors And Events Are Addressed In A Cost-Effective Manner And In Line With Business Objectives.
  • Identify And Evaluate Risk Response Options And Provide Management With Information To Enable Risk Response Decisions.
  • Review Risk Responses With The Relevant Stakeholders For Validation Of Efficiency, Effectiveness And Economy
  • Monitor And Maintain Information Systems Controls To Ensure They Function Effectively And Efficiently.
  • Plan, Supervise And Conduct Testing To Confirm Continuous Efficiency And Effectiveness Of Information Systems
  • Ensure That All IT Policies And Procedures Are Compliant With Regulatory Requirements
  • Assess And Recommend Tools And Techniques To Automate Information Systems Control Verification Processes.
  • Evaluate The Current State Of Information Systems Processes Using A Maturity Model To Identify The Gaps Between Current And Targeted Process Maturity.
  • Determine The Approach To Correct Information Systems Control Deficiencies And Maturity Gaps To Ensure That Deficiencies Are Appropriately Considered And Remediated
  • Test Information Systems Controls To Verify Effectiveness And Efficiency Prior To Implementation And Implement Information Systems Controls To Mitigate Risk
  • Facilitate Independent Risk Assessments And Risk Management Process Reviews To Ensure They Are Performed Efficiently And Effectively.
  • Identify And Report On Risk, Including Compliance, To Initiate Corrective Action And Meet Business And Regulatory Requirements
  • Serve The Division’s Internal Customers And Provide Solutions To Improve The Customer Experience.
  • Drive Planned Strategy For The Successful Delivery Of MTN Group And MTNN Transformation Initiatives Focusing On Customer Centricity, Including Perfect 10 Project.
  • Drive An Increase In MTNN’s Net Promoter Score.
  • Participate In IT Projects And Initiatives To Bring Pro-Active Risk Management Focus Into Solutions.
  • Design Information Systems Controls In Consultation With Process Owners To Ensure Alignment With Business Needs And Objectives.
  • Communicate Audit And Review Results To Appropriate Parties And Ensure That Issues Are Addressed And Corrective Actions Are Implemented
  • Continuously Seek Self-Professional Development To Sharpen Skills And Capabilities In A Versatile And Evolving Digital Landscape.
  • Coach And Train The Team To Ensure Understanding Of The Objectives And Goals Of The Department, Awareness Of Set Targets/Requirements And Regularly Review Their Training Needs.
  • Provide Documentation And Training To Ensure Information Systems Controls Are Effectively Performed

Job Condition

  • General Working Conditions
  • May Be Required To Work Extra Hours

Experience & Training

Experience:

Minimum 6 Years’ Experience Which Includes:

  • Minimum Of 3 Years’ Experience In An Area Of Specialisation; With Experience In Supervising/Managing Others
  • Experience Working In A Medium To Large Organization
  • Interpretation And Application Of Governance, Risk And Compliance Frameworks
  • Advanced Knowledge Of Risk Assessment Design And Delivery
  • In-Depth Understanding Of PCI, ISO31000, ISO 27001:2013

Training:

  • Emerging Enterprise Architectures
  • ISO
  • CISSP
  • CISM

Minimum Qualification:

BEng, BTech, BA, BEd Or HND

Deadline: 11/08/2917

Only candidates can apply for this job.
Share this job

EJOBS Nigeria

EJOBS Nigeria is a fast growing job match network aim at connecting job seekers and employers. Are you a job seeker looking for new job or an employer looking to hire workforce? If yes, then this platform is all you need. Learn more

Please Like N Share Let’s Connect!

SIGN UP FREE E-MAIL ALERT

Enter your email address: