Information Security Manager at Duplo

• This is a unique opportunity. You'll have the responsibility and resources to take a significant part in the creation of a paradigm-changing product that will impact millions.

• Define and lead the strategic direction of our Information Security program in alignment with the Board-approved policies.
• Oversee the design and execution of enterprise-wide cybersecurity strategies to protect critical business information systems and assets.
• Develop and maintain an information security governance framework, ensuring appropriate accountability, risk management, and compliance with applicable laws and regulations.

Operational & Budgetary Management:

• Direct and manage the security operations, including security architecture, vulnerability management, identity & access management, incident response, and threat intelligence.
  Administer the information security budget, optimizing investments in tools, resources, and staff to support ongoing protection efforts.

Regulatory & Risk Management:

• Monitor and interpret national and global regulatory developments, cyber threats, and trends to proactively enhance our security posture.
• Serve as the liaison with the CBN, law enforcement, and other regulatory agencies on security-related matters, including audits and compliance reporting.
• Ensure compliance with CBN guidelines, NDPR, GDPR (where applicable), ISO 27001, PCI-DSS, and other security frameworks or standards.

Program Development & Implementation:

• Develop and continuously improve a comprehensive information security program, encompassing: Risk assessments and management, Data protection and encryption policies, Security awareness training ,Incident detection and response plans and Vendor risk management
• Lead information security planning across all business areas, including administrative, legal, financial, and technology functions.

Stakeholder Communication & Awareness:

• Report regularly to senior management and the Board on the status of the information security posture, risk exposure, mitigation actions, and resource needs.
• Drive a culture of cybersecurity awareness throughout the organization via continuous education and engagement.
• Collaborate with other business units to integrate security considerations into project planning and digital innovation initiatives.

• Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or related fields.
• Minimum of 7 years post-qualification experience, with:
  • At least 5 years in an IT security or audit role
• Strong knowledge of banking regulations, especially CBN Guidelines related to information and cybersecurity.
• Experience in leading incident response and crisis communication efforts.
• Familiarity with core banking systems, payment platforms, and financial technology infrastructures.
• Proven ability to build and lead high-performing security teams.
• Effective communication skills to convey complex security topics to non-technical stakeholders.

Professional Certifications in at least one of the following:

• Certified Information Systems Auditor (CISA)
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• ISO/IEC 27001 Lead Implementer or Lead Auditor
• Other relevant IT security/audit certification.