Description
The primary mission of this role is ensuring a secured Dangote IT environment by developing and maintaining the Group’s security architecture ensuring that security requirements are adequately addressed throughout the development and acquisition lifecycles for all assets. This role would define, implement, assess, and maintain controls necessary to protect information and vital assets in accordance with security requirements.
Responsibilities
Identity and Access Management – This function responsible for managing and monitoring Privileged identities and access within the Group.
Vulnerability Assessment and Penetration Testing – Perform vulnerability assessments and penetration testing to identify potential security weaknesses in our infrastructure and applications within the environment.
Application and Database security - Define, implement, assess, and maintain controls necessary to protect software and applications in accordance with security requirements. This function also includes management and monitoring of database activities.
Deploying and Managing Security Tools – Design and implement security solutions that are scalable, reliable, and easy to use. Configure and maintain security tools, such as firewalls, intrusion detection systems, and security information and event management (SIEM) systems.
IT Security Governance – Develop and implement security policies and procedures to ensure compliance with industry standards and regulations. Supporting Group wide IT Security audit exercises , reviewing policies and advising on IT risk findings.
Security Automation – Using systems in place such as Microsoft sentinel to create automations and playbooks to aid security incident response. This would also include using open-source tools to automate repetitive tasks where necessary.
Education
B.Sc./HND Computer Science or related course(s).
5 - 8 years working experience in same or related position.
Certification such as MS-500, AZ-500 GSEC, CompTIA, (ISC)2 or any other relevant security related certificates.
Competencies, Skills and Knowledge Attitude
Strong technical skills in Infrastructure, Application, Network, cloud security, Identity & access management, and security automation.
Must have deep understanding and familiarity with:
Security frameworks and standards, such as NIST, NDPR, ISO27001, etc.
PIM/PAM software such as CyberArk
SIEM software such as Microsoft Sentinel.
Vulnerability Management and Penetration testing
Excellent communication skills both written and oral
Excellent problem-solving skills.
Requirements
Bachelor's degree in Computer Science, Information Technology, or a similar technical field
Minimum of five years of experience in IT security in a construction-facing industry
Relevant certifications such as CISSP, CISM, GIAC, or any relevant security certification
Proven track record in developing and implementing security solutions, protocols, and risk management practices
In-depth knowledge of security frameworks such as NIST, ISO 27001/2, HIPAA, and PCI DSS
Knowledge of network and security technologies such as firewalls, IDS/IPS, VPN, anti-virus, and encryption
Excellent communication and interpersonal skills, and the ability to work in a fast-paced environment.
Benefits
Private Health Insurance
Pension Plan
Paid Time Off
Training & Development
Performance Bonus