Chief Information Security Officer (CISO) at Uridium Technologies

Uridium Technologies Limited is an IT Solutions delivery company that was set up and incorporated under the Companies and Allied Matters Act 1990, to bridge this gap by providing IT and Infrastructure solutions and services to all sectors of the Nigerian economy including FSI, Manufacturing, Oil & Gas, Government departments & educational institutions etc.

Role Overview:

• We are seeking an experienced, highly strategic Chief Information Security Officer (CISO) to lead our information security and cybersecurity strategy. The CISO will be responsible for ensuring the confidentiality, integrity, and availability of the company’s digital infrastructure, identity platforms, customer data, and compliance protocols. This role requires deep expertise in cybersecurity frameworks, risk management, data privacy laws (local and international), and modern digital ID security architecture.

Key Responsibilities:
Strategic Leadership

• Define and implement the company’s overall information security strategy in alignment with business goals and regulatory requirements.
• Serve as the executive owner of cybersecurity initiatives and the central authority on all matters of information and cyber risk.
• Represent the company’s security posture in board meetings, client engagements, and with regulators.

Governance, Risk & Compliance

• Establish and maintain a company-wide information security and risk governance framework.
• Ensure compliance with applicable regulations such as Nigeria Data Protection Act (NDPA), GDPR, CBN regulations, NITDA guidelines, and international standards (e.g., ISO 27001, NIST, PCI-DSS).
• Lead risk assessments, audits, and gap analyses across the enterprise.

Security Architecture & Infrastructure

• Oversee the design and implementation of secure infrastructure for identity verification platforms, APIs, databases, and third-party integrations.
• Guide secure architecture for emerging technologies including blockchain-based identity systems, AI-driven fraud detection, and cloud-native services.
• Approve and oversee encryption, IAM (identity and access management), secure software development lifecycle (SSDLC), and network defense strategies.

Threat Management & Incident Response

• Lead a proactive cybersecurity defense strategy, including threat detection, vulnerability management, and real-time monitoring.
• Establish incident response and business continuity plans, ensuring rapid response to breaches and minimizing operational impact.
• Develop a threat intelligence framework, working with national CERTs, law enforcement, and international threat-sharing groups.

Data Protection & Privacy

• Ensure that all data systems comply with privacy laws and best practices for storing, transmitting, and processing PII (Personally Identifiable Information) and biometric data.
• Implement data minimization, retention, and tokenization strategies.
• Oversee DPO (Data Protection Officer) functions or coordinate with appointed DPOs.

 Team Leadership & Culture

• Build, mentor, and manage the information security and cybersecurity team.
• Foster a culture of security awareness and accountability across all business units.
• Lead employee training programs and simulations for cybersecurity awareness and policy adherence.

Vendor and Partner Security

• Evaluate and manage third-party security risks, particularly with cloud, payment, telecom, and identity verification providers.
• Negotiate security terms in partner agreements, SLAs, and procurement.

Key Requirements:
Education & Certifications:

• Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Certifications such as CISSP, CISM, CEH, CCSP, or ISO 27001 Lead Implementer/Auditor are strongly preferred.

Experience:

• 8–12+ years of progressive experience in cybersecurity, with at least 5 years in a senior leadership or CISO role.
• Proven experience in designing and managing security for digital identity or FinTech platforms is highly desirable.
• Strong understanding of Nigerian, African, and global cybersecurity, privacy, and compliance landscapes.
• Experience working with public sector clients and knowledge of government-related security standards (e.g., NIMC, NDPR, NITDA, etc.).

Skills:

• Deep knowledge of information security architecture, cloud security, API security, cryptography, zero-trust frameworks, and secure identity design.
• Strong leadership, communication, and stakeholder management skills.
• Ability to balance business and security objectives in a rapidly evolving environment.
• Strategic thinking with strong technical acumen.

Method of Application

Signup to view application details. Signup Now