Head, Management Assurance at Nigeria Inter-Bank Settlement System Plc (NIBSS)

Nigeria Inter-Bank Settlement System Plc (NIBSS) provides the infrastructure for automated processing, settlement of payments and fund transfer instructions between Banks and Card Companies in Nigeria.NIBSS is owned equally by all licensed banks in Nigeria, and the Central Bank of Nigeria.We are recruiting to fill the position below:Job Title: Head, Management Assurance Location: LagosDepartment: Risk ManagementDivision: MD’s DivisionReports to: Chief Risk OfficerGrade: Deputy Manager (DM)/ Manager (MGR)Role SummaryTo identify, prioritize, and estimate risk to NIBSS, other organizations, and the Nation, resulting from the operation and use of NIBSS information systems; facilitate implementation of effective risk management practices by operational management; intervene directly in modifying, developing the internal control and risk systems.Serve as the primary liaison for the Chief Risk Officer (CRO) to system owners, common control providers, system security officers, information owners and stewards, mission and business owners; serve as deputy to CRO for risk management succession planning.Emergency Management and Organizational Resilience (ER):Actively assessing (testing and examining) business continuity, continuity of operations, crisis communications, critical infrastructure protection, disaster recovery, incident response, system contingency, occupant emergency, and other ER activities;Reviewing, improving, and maintaining all operating procedures for testing all ER plans.Internal Control Measures:Intervene directly in modifying and developing the internal control and risk systems; evaluating incident details, trends, and handling for incident response;Developing and maintaining operating procedures for risk management activities, particularly for providing management assurance at the enterprise and processes tiers of the risk management framework;Reviewing and improving operating procedures for implementing all organizational policies. Support the continuous process improvement of Management Systems for business continuity (BCMS), information security (ISMS), and IT Service Management (ITSMS).Risk Assessments:Identify risks to NIBSS (including its missions, functions, image, and reputation), assets, individuals, other organizations, the Nigerian Payment System, and the Nation, resulting from NIBSS operations; incorporate threat and vulnerability analyses, analysis of privacy-related problems, and mitigations provided by internal controls;Conduct process risk assessments for the 18 baseline policy domains and for the underlying processes of all high-risk threat areas in the program plan, including product development, financial management, project and contract management, and operations management processes.Key ResponsibilitiesCorrect execution of processes and tasks for Management Assurance:Actively assess (testing and examining) business continuity, continuity of operations, crisis communications, critical infrastructure protection, disaster recovery, incident response, system contingency, occupant emergency, and other emergency and resilience procedures.Review, improve, and maintain all operating procedures for maintaining and testing all emergency and resilience procedures, support security testing of software, systems, and services.Intervene directly in modifying and developing internal controls and risk management systems; and evaluating incident details, trends, and handling for incident response.Develop, implement, and maintain policies and operating procedures for risk oversight.Support the continuous improvement of all management systems.Identify and significantly diminish variations by using statistical approaches to decrease error rates and increase quality performances (process improvement);institute enhanced approach to software development, product management, and organizational transformation.Correct execution of processes and tasks for Control Assessor:Conduct a comprehensive assessment of implemented controls and control enhancements to determine the effectiveness of the controls (i.e., the extent to which NIBSS implements controls correctly, operate controls as intended, and produce the desired outcome with respect to meeting the internal control requirements for the system and NIBSS).Assess the implemented controls using the assessment procedures specified in the security and privacy assessment plans.Review the security and privacy plans to facilitate development of the assessment plans prior to initiating the control assessment.Provide an assessment of the severity of the deficiencies discovered in the system, environment of operation, and common controls and can recommend corrective actions to address the identified vulnerabilities.Prepare security and privacy assessment reports containing the results and findings from the assessment.Correct execution of processes and tasks for Assurance Architecture:Ensure that enterprise architecture (including reference models and internal control framework) and systems supporting mission and business processes adequately address the protection needs of stakeholders and the corresponding system requirements necessary to protect organizational missions and business functions and individuals’ privacy.Serve as a secondary liaison between the enterprise architect and the systems security and privacy engineers and coordinate with all system owners, system security officers, and privacy officers on the allocation of controls.Advise the Chief Information Officer, Chief Risk Officer, and other Senior Management roles on all assurance and internal control issues.Provide assurance on the protection of information and information systems from unauthorized system activity or behavior to provide confidentiality, integrity, and availability.Develop internal controls for privacy and provide assurance on the management of privacy risks to individuals associated with the processing of Personally Identifiable Information (PII).Consult on information ownership or stewardship through input of subject matter expertise:Establish policies and procedures governing the generation, collection, processing, dissemination, and disposal of NIBSS information.Establish rules in information sharing environments for appropriate use and protection of NIBSS information and retain the responsibility when NIBSS shares or provides the information to other organizations.Provide input to system owners regarding the internal controls for the systems where the information is processed, stored, or transmitted.Consult on enterprise architecture through input of subject matter expertise:Work with Executive and Senior Management and subject matter experts to build a holistic view of NIBSS missions and business functions, processes, information, and assets.Implement an enterprise architecture strategy that facilitates effective security and privacy solutions.Coordinate with enterprise, security, privacy, and other architects to determine the optimal placement of information systems within the enterprise architecture and to address security and privacy issues between systems and the enterprise architecture.Assist in reducing complexity within the IT infrastructure to facilitate security.Assist with determining appropriate control implementations and initial configuration baselines as they relate to the enterprise architecture.Collaborate with system owners and authorizing officials to facilitate authorization boundary determinations and allocation of controls to system elements.Assist with integration of the organizational risk management strategy and system-level security and privacy requirements into program, planning, and budgeting activities, the SDLC, acquisition processes, security and privacy (including supply chain) risk management, and systems engineering processes. 

Apply at https://ngcareers.com/job/2019-03/head-management-assurance-at-nigeria-inter-bank-settlement-system-plc-nibss-442/