Duplo is building the platform to power the next generation of financial services. Our mission is to help companies expand financial access for all. Our simple and powerful banking-as-a-service API helps companies quickly launch financial products.
We are recruiting to fill the position below:
Job Title: Information Security Manager
Location: Lagos
Employment Type: Full-time
Description
- This is a unique opportunity. You’ll have the responsibility and resources to take a significant part in the creation of a paradigm-changing product that will impact millions.
Responsibilities
Strategic Leadership & Governance:
- Define and lead the strategic direction of our Information Security program in alignment with the Board-approved policies.
- Oversee the design and execution of enterprise-wide cybersecurity strategies to protect critical business information systems and assets.
- Develop and maintain an information security governance framework, ensuring appropriate accountability, risk management, and compliance with applicable laws and regulations.
Operational & Budgetary Management:
- Direct and manage the security operations, including security architecture, vulnerability management, identity & access management, incident response, and threat intelligence.
- Administer the information security budget, optimizing investments in tools, resources, and staff to support ongoing protection efforts.
Regulatory & Risk Management:
- Monitor and interpret national and global regulatory developments, cyber threats, and trends to proactively enhance our security posture.
- Serve as the liaison with the CBN, law enforcement, and other regulatory agencies on security-related matters, including audits and compliance reporting.
- Ensure compliance with CBN guidelines, NDPR, GDPR (where applicable), ISO 27001, PCI-DSS, and other security frameworks or standards.
Program Development & Implementation:
- Develop and continuously improve a comprehensive information security program, encompassing:
- Risk assessments and management
- Data protection and encryption policies
- Security awareness training
- Incident detection and response plans
- Vendor risk management
- Lead information security planning across all business areas, including administrative, legal, financial, and technology functions.
Stakeholder Communication & Awareness:
- Report regularly to senior management and the Board on the status of the information security posture, risk exposure, mitigation actions, and resource needs.
- Drive a culture of cybersecurity awareness throughout the organization via continuous education and engagement.
- Collaborate with other business units to integrate security considerations into project planning and digital innovation initiatives.
Technical & Professional Requirements
- Bachelor’s Degree in Computer Science, Information Technology, Cybersecurity, or related fields.
- Professional Certifications in at least one of the following:
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP)
- ISO/IEC 27001 Lead Implementer or Lead Auditor
- Other relevant IT security/audit certification
- Minimum of 10 years post-qualification experience, with:
- At least 5 years in a senior management position
- At least 5 years in an IT security or audit role
- Strong knowledge of banking regulations, especially CBN Guidelines related to information and cybersecurity.
- Experience in leading incident response and crisis communication efforts.
- Familiarity with core banking systems, payment platforms, and financial technology infrastructures.
- Proven ability to build and lead high-performing security teams.
- Effective communication skills to convey complex security topics to non-technical stakeholders.
Application Closing Date
Not Specified.
How to Apply
Interested and qualified candidates should:
Click here to apply online