National Identity Management Commission Security Architect Jobs in Nigeria
National Identity Management Commission Security Architect Jobs in Nigeria
ObjectivesDefines the security architecture requirements of the enterprise
Defines the integrity and confidentiality of information within the enterprise
Ensures compliance of security technology suppliers
Assures compliance of enrolment partners
Scope of Sevices
The Security Architect shall:
Plan and design the security architectures of the ID4D project, following intense research and adaptation of global-best practices to Nigeria’s security laws and regulations;
Develop and implement coherent detailed security policies and regulations for the ID4D project;
Be responsible for the approval of ID4D network-related technologies (firewall, software, hardware, servers);
Monitor and ensure compliance of the ID4D project efforts with Nigeria and Donors’ security policies;
Anticipate security risks of the ID4D project and provide substantial input towards managing those risks;
Work with ecosystem partners to institutionalise security consciousness with regards to biometric data, as required by all relevant regulations and laws;
Organise regular vulnerability testing and security assessments, documenting lessons learnt from such sessions;
Provide instant solutions to security-related incidents, while also documenting detailed analysis of incidents and lessons learnt;
Provide input during budget planning, to ensure maximum data security during project implementation;
Regularly organise security-sensitization sessions for ecosystem partners;
Constantly recommended cost-effective IT solutions that guarantee a secure ID4D network;
Ensure all ID4D documents, ranging from bidding documents to contracts, inculcate the importance of security;
Ensure ID4D staff and contractors’ effectively handle security issues, providing solutions where needed;
Carry out any other relevant periodic duties assigned by the Technical Lead.
Qualifications
The Security Architect shall have the following minimum educational qualifications and experience:
MSc in Information Security or a related discipline, and one or more security certifications such as; Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) Certified in Risk and Information Systems Control (CRISC)
5 years’ experience as an Information Security or Cyber Security Technical Lead or Architect
Experience advising on and creating information security policies in accordance with Information security frameworks and regulations (e.g. ISO 27001, data protection legislation)
Hands-on experience across multiple areas of information security e.g. vulnerability management, penetration testing mechanisms, identity access management, Data Loss Protection, SIEM resources, Risk Management, endpoint detection, Ethical Hacking Techniques and the ability to rapidly analyze security vulnerability reports.
Demonstrable experience of technical risk analysis assessment and remediation
Strong understanding of current trends and developments in information security
Experience in working for any international donor-funded program will be considered an asset
Ability to understand interoperability standards, risk models, privacy and liability policies, requirement and accountability mechanism for an identity ecosystem.
Experience in projects involving multiple partner institutions will be considered an asset
Fluency in written and spoken English. Local languages are an asset
Detailed Skills and Experience
Description
Communication between technical and non-technical
Understands security concepts deeply enough to engage with security technologists and communicate in a language that is appropriate to the audience. Able to respond to challenges.
Design secure systems
Able to design secure system architectures through the application of patterns and principles, to meet user needs whilst managing risks.
Able to identify security issues in system architectures.
Ability to analyze existing security systems and report possible threats and software issues, research system weakness and proffer remediable solutions.
Enabling and informing risk based decisions
Ability to implement a risk management process by performing risk assessment and evaluation; establishing the level of risk the Commission is willing to take and develop an effective risk budget and insurance.
Create and implement a business continuity plan, implement compliance audit and build risk awareness amongst employees and Contractors.
Capable of making and guiding effective decisions on risk, explaining clearly how the decision has been reached.
Able to make decisions proportionate to the level of technical complexity and risk.
Specific security technology and understanding Knowledge of system architectures.
Able to understand the risk impact of vulnerabilities on existing and future designs and systems and identify how easy or difficult it will be to exploit these vulnerabilities.
Hands on experience in security systems including intrusion detection system, anti-virus software, authentication systems, log management and auditing and network monitoring.
Thorough understanding of the latest security principles, techniques and protocols.
Analysi
Able to visualise, articulate and solve complex problems and concepts by interrogating and using data or intelligence to formulate and influence plans.
Able to interpret complex business and technical issues.
Can identify and recognise a viable solution or control.
Understands and links complex and diverse sets of information to inform the response and approach, for example identifying vulnerabilities and their impact.
Managing user privileges
Ability to establish effective management processes and regulate the use of privilege roles and accounts.
Limit user privileges and monitor user activity.
Control access to activity and audit logs.
Incident Management
Proven capability to establish an incident response and disaster recovery system.
Ability to test incident management plans, resolve and report criminal incidents and provide incident management training to staff.
Monitoring
Ability to establish a monitoring strategy and produce supporting policies.
To continuously monitor all systems and networks, analyse logs for unusual activities that could indicate an attack.
Remote and mobile working
Develop a remote or mobile working policy for all users.
Apply all security baseline for all devices while protecting data both in transit and at rest.
Facilities and Information Provided
Adequate office space, with furniture and internet facilities, shall be assigned to the Security Architect.
Duration
The duration of the assignment is initially for 12 months but will renewed subsequently on an annual basis subject to satisfactory performance.
The contract type is Time Based.
How to Apply
For more information and job application details, see; National Identity Management Commission Security Architect Jobs in Nigeria
Find Latest Jobs in Nigeria Today - Recruitment in Nigeria Job - Nigerian Jobs - in Nigeria - Job Vacancies in Nigeria
Search our career portal & find the latest Nigerian job positions,career opportunities & jobs in Nigeria.
Jobs in Nigeria - banking jobs in Nigeria, IT jobs in Nigeria,accounting jobs in Nigeria, NGO jobsin Nigeria, business administration in Nigeria, ICT jobs in Nigeria, UN jobs in Nigeria,procurement jobs in Nigeria, education jobs in Nigeria, hospital jobs in Nigeria, human resources jobs in Nigeria, engineering jobs in Nigeria, teaching jobs in Nigeria, and other careers in Nigeria.
Oil and Gas job vacancies in Nigeria, MTN jobs in Nigeria, job vacancies in Nigeria for fresh graduates.
Federal government jobs in Nigeria, job vacancies in Nigeria Federal Civil Service.
Find your dream job from 1000s of vacancies in Nigeria posted and updated daily - click here!
Click here to post comments
Join in and write your own page! It's easy to do. How? Simply click here to return to NGO Jobs in Africa.
