Manager, IT Security & Information Risk Management

March 10, 2022

Job Description

9mobile Nigeria

9mobile is a Nigerian private limited liability company. EMTS acquired a Unified Access Service License from the Nigerian Communications Commission in 2007. The License enables EMTS provide Fixed Telephony (wired or wireless), Digital Mobile Services, International Gateway Services and National/Regional Long Distance Services in addition to spectrum assignments in the 900 and 1800 MHz bands.
We are recruiting to fill the position below:
Job Title: Manager, IT Security & Information Risk Management
Job: IRC4451
Location: Lagos, NG
Job Summary

Manage the planning and delivery of the Information Security program for EMTS enterprise IT network environment covering compute, network and storage infrastructure, supported application services and databases and ensure adequate protection is achieved and maintained.
Oversee end-to-end information security management for the IT network environment – risk assessments, planning and implementation of risk mitigation strategies and initiatives in line with best practices, continuous compliance monitoring and measurement, anchor security improvement and compliance projects, and interface with internal auditors, and enterprise risk management on all assurance matters.

Principal Functions

Develop ,manage and implement a comprehensive information security program for EMTS enterprise IT network environment.
Support the development, enhancement and implementation of a comprehensive security architecture, policies, standards and processes and ensure compliance across the IT network environment


Develop and maintain an up-to-date security posture assessment for EMTS enterprise IT network environment.  Ensure a satisfactory/acceptable risk rating from independent assessments is achieved and maintained
Conduct periodic review of the EMTS IT network environment security management framework and ensure it is refreshed and enhanced in line with industry trends and regulatory requirements.
Work with business units and other risk management/assurance functions (Internal Audit & Revenue Assurance) to identify gaps and non-conformities using risk assessments, business impact analysis, system vulnerability assessments and penetration tests etc. Develop and implement recommendations, action plans and strategies to address identified risks and non-conformities
Raise the security awareness and education level of EMTS employees (through internal bulletins, regular training and on-boarding for new hires) and  IT vendor personnel
Support security and forensic investigations and compliance reviews as requested by internal or external auditors
Play an advisory role in application development, acquisition or delivery projects, to assess information security requirements and ensure that security controls are implemented as planned throughout the project life cycle to fulfill these requirements
Prepare reports for management attention on residual risks, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
Conduct research, assess new threats and security alerts and recommend and follow through on appropriate actions to mitigate them
Support the evaluation, selection and delivery of information security solutions and projects.
Interface with others teams within and outside the IT department in the process of delivering security solutions.
Liaise with vendors, suppliers and partners to ensure effective optimization, adoption and delivery of solutions.
Carryout other activities as instructed by the Head, Information Risk Management.

Educational Requirements

First Degree or equivalent in Computer Science / Engineering, Electrical / Electronic Engineering or other numerate science.
Minimum of Six (6) years relevant work experience, with at least three (3) years in enterprise information security management or IP networking (planning, support) and three (3) years in a supervisory role.
Possession of relevant IT and telecommunication certification including CISA, CISSP, CISM,CEH, ISO27001 etc.
Broad experience across the IT/network architecture stack
Good understanding of telecommunication business and technology model.
Good understanding of business analysis and project management methods.
Very good conceptual and analytical thinking skills
Good interpersonal and communication skills.

Application Closing Date
Not Specified.
How to Apply
Interested and qualified candidates should:
Click here to apply online

To apply for this job please visit


Hi there 👋
It’s nice to meet you!

Sign up to receive awesome content in your inbox.

We don’t spam! Read our privacy policy for more info.