Business Information Security Officer (BISO) at Daystar Power Energy Solution

Daystar Power Energy Solution
Lagos, Nigeria
Networking and Tech Support
Full Time
Daystar Power is committed to helping African businesses grow and develop by taking their power needs off their plate. In doing so, it aims to contribute to the clean and sustainable growth of African countries.

Job Summary

BISO is the Daystar cyber and information security lead responsible for:

  • Risk-based cyber and information security protection.
  • Ensuring risks are considered at the start across all forms of demand.
  • Manage end-to-end Group CISO risk management processes as needed.  
  • Ensuring security and compliance with key standards and policies, minimizing Daystar’s exposure to preventable risks and unlocking value.
  • Guiding Daystar’s Business/Functions to adapt Group CISO requirements by balancing value, affordability, do-ability and absorbability against risk exposure.
  • Interfacing with Group CyberDefense Team when an incident occurs, managing the incident to closure, in order to protect Daystar’s landscape (systems, networks, and data) from cyber threats; ensuring the safety and security of sensitive information; and ensuring the confidentiality, integrity and availability of data by implementing robust defence mechanisms.
  • Manage IT security and operations risks, ensuring Daystar IDT can deliver secure and reliable products and services to the entire Group. The role would also be responsible for ensuring risks to information assets are identified and understood, that appropriate action is taken to mitigate risks and that there is sustained compliance of the organisation/business unit and its associated customers, users, suppliers or partners with the controls framework and related policies, standards and processes.
  • Interfacing with Group CyberDefense Team when an incident occurs, managing the incident to closure, in order to protect Daystar’s landscape (systems, networks, and data) from cyber threats.
  • Single point of contact for control, compliance and operations risk.
  • Ensure IRM activities (e.g. risk acceptance, vulnerability, IRM projects, compliance status) are visible and actioned across Daystar. Provide reporting for Daystar Business and IDT leadership, facilitate review and escalation, and drive implementation.
  • Design and own Daystar Control and Compliance reporting & dashboard.
  • Drive change and implement simplification including elimination.
  • Drive gamification approach for Compliance and Control.
  • Lead Daystar Think Secure Champions network.
  • Act as Operational Readiness Framework Lead/Focal Point for Daystar.
  • End-to-end accountable for the coordination and timely execution of outbound assurance to customers, partners and regulatory bodies.
  • Work hand in hand with other BISOs, IDT community and business orchestrating execution of outbound assurance queries from customers, partners and regulatory bodies.
  • Provide internal Assurance Services (incl. Testing): performing end-to-end Compliance Testing on controls put in place to minimise risk, and Focused Risk Reviews and Process Walkthroughs for IT applications/processes to identify unmitigated risks.

Requirements

  • Bachelor’s/Master’s degree in ICT, Electrical/Electronic Engineering and Computer Science. Candidates with degrees in other subjects but with strong hands-on domain achievements and relevant certifications in the areas listed above are also acceptable.
  • The Business Information Security Officer is expected to have relevant skills and experience in at least Domains – Information Risk Management and IT/OT Ops.
    • At least 5 years in Information Risk Management and IT/OT Operations.
    • Certifications (one or more is desired): PCIP, CISSP, CISM, CISA, CCSP, CRISC, ISO 27001.
    • Proficiency in the use of the following tools is a strong additional advantage: Power Apps and Power BI.
    • Excellent understanding of Information Risk Management processes and frameworks covering risk management, project risk engagement, project assurance and audit & compliance management.
    • Knowledge of Cyber Ops concepts. Good understanding of technical vulnerabilities and the ability to recommend remediations.
    • Experience in conducting and communicating security evaluations and communicating cyber risk impacts and consequences to all levels of stakeholders.
    • Proven ability in balancing IT/OT control and compliance requirements/needs/standards in terms of risk and affordability & feasibility to the IT/OT operation teams.
    • In-depth understanding of, and solid experience with, IRM and its impact on application development and IT operations as well as the IT infrastructure.
    • In-depth understanding of IT/OT Operations and the challenges in delivery of reliable and secure solutions.
    • Understanding of the principles and practices involved in the development and maintenance of business IT applications.
    • Detailed knowledge of Information Security developments and practices.
    • Demonstrates good practical knowledge of wide areas of IS concepts and practices.
    • Strong awareness of the evolving threat landscape and the main vulnerabilities and other weaknesses that IT solutions must avoid.
