INFORMATION SECURITY GOVERNANCE ENGINEER AT RENMONEY | ENGINEERING JOBS IN LAGOS

About Company:

Renmoney - We’re a passionate team determined to challenge the status quo and make financial inclusion count for the millions of underbanked individuals and small business owners in Nigeria. We provide loans, savings, and fixed deposit solutions to our customers. Our vision is to be the most convenient lending company, delivering outstanding service experience.

Job Description:

Governance & Policy:

• Develop, review, and maintain information security policies, standards, procedures, and guidelines.
• Ensure alignment with recognized frameworks and standards (e.g. ISO/IEC 27001, PCIDSS, CBN Cybersecurity Framework).
• Define security governance structures, roles, and decision‑making processes.

Risk Management:

• Support enterprise information security risk assessments and risk treatment plans.
• Maintain the security risk register and track remediation activities.
• Advise business units on risk acceptance, mitigation, transfer, or avoidance.

Compliance & Regulatory Assurance:

• Ensure compliance with applicable laws, regulations, and contractual requirements (e.g. NDPR, CBN Cybersecurity Framework, PCI DSS, ISO 27001).
• Coordinate internal and external audits, assessments, and certifications.
• Track and remediate audit findings and compliance gaps.

Metrics, Reporting & Assurance:

• Define and maintain security governance KPIs, KRIs, and dashboards.
• Prepare security posture reports for management, risk committees, and auditors.
• Support board‑level and executive reporting on information security matters.

Third‑Party & Vendor Security Governance:

• Support third‑party security risk assessments and due diligence processes.
• Review supplier security controls and contractual security clauses.
• Monitor ongoing compliance of critical vendors.

Awareness & Continuous Improvement:

• Support security awareness and policy training initiatives.
• Monitor regulatory changes and emerging governance trends.
• Drive continuous improvement of governance and control maturity.

Requirements:

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Minimum of 5–9 years’ experience in information security governance, risk, and compliance (GRC).
• Hands-on experience implementing or managing security frameworks (e.g., ISO 27001, CBN Cybersecurity Framework, NDPR, PCI DSS).
• Strong understanding of risk management methodologies and control frameworks.
• Experience working with audits, compliance reviews, and regulatory requirements.
• Familiarity with security tools and platforms supporting governance and compliance activities.
• Experience in financial services, fintech, or telecommunications is an added advantage.

Salary

Application Closing Date: Not specified

Application Instructions:

Click the button below to apply