Chief Information Security Officer

Job Description

Job Title: Chief Information Security Officer (CISO)

Department: Information Security / Executive Management

Reports To: Group Managing Director / Chief Executive Officer

Supervises: Cybersecurity, IT Risk, Data Privacy, and Infrastructure Security Teams

Location: Abuja, Nigeria

Remuneration: 32-40 million per annum

Company: Barnksforte Group Limited

Company Overview

Barnksforte Group Limited is a technology and innovation company committed to delivering secure, scalable, and transformative digital solutions across sectors such as government automation, digital identity, financial technology, education, and enterprise services.

Our solutions power critical systems that support national development, business growth, and digital transformation. Security, integrity, and data confidentiality are at the heart of everything we build.

To strengthen our cybersecurity framework and governance capacity, we are seeking a visionary Chief Information Security Officer (CISO) to join our executive leadership team and drive the Group's information security, risk management, and compliance strategy.

Position Summary

The Chief Information Security Officer (CISO) will provide strategic leadership and direction in all matters related to information security, data protection, and IT risk management across the Group and its subsidiaries.

The CISO will be responsible for establishing, implementing, and maintaining an enterprise-wide security framework that safeguards the Group's information assets, technology infrastructure, and digital platforms including government service portals, fintech systems, and enterprise solutions.

This role demands a high level of expertise in cybersecurity, regulatory compliance, risk governance, and digital trust management, coupled with strong leadership to guide cross-functional teams and align security initiatives with organizational objectives.

Key Responsibilities

1. Strategic Information Security Leadership

• Develop and execute a comprehensive Information Security Strategy that aligns with Barnksforte's business goals and digital transformation agenda.
• Provide expert guidance to the CEO and Board of Directors on cybersecurity risks, regulatory compliance, and emerging threats.
• Define and enforce security policies, standards, and frameworks across all subsidiaries and technology platforms.

• Oversee security governance in major projects, including government automation systems, fintech platforms, and enterprise infrastructure deployments.

• Cybersecurity and Risk Management

• Establish and manage an Enterprise Information Security Risk Management (ISRM) program that identifies, assesses, and mitigates cybersecurity threats.

• Lead the design and implementation of controls aligned with frameworks such as ISO 27001, NIST, CIS Controls, PCI DSS, and NDPR.
• Oversee threat intelligence, incident response, vulnerability assessments, and penetration testing across cloud, on-premises, and hybrid environments.

• Coordinate security reviews for major technology initiatives to ensure secure architecture and compliance from inception.

• Data Protection and Compliance

• Ensure adherence to data protection and privacy regulations (including NDPR, GDPR, and other applicable local/international standards).

• Collaborate with legal, audit, and compliance departments to ensure corporate governance in data handling and information security.

• Oversee third-party and vendor security management programs to reduce external risk exposure.

• Infrastructure and Application Security

• Implement robust security for cloud environments (AWS, Azure), enterprise networks, and application development lifecycles (DevSecOps).

• Lead teams in deploying advanced cybersecurity tools — including SIEM, EDR, firewalls, encryption, MFA, and intrusion detection systems.
• Ensure continuous monitoring, patch management, and zero-trust architecture integration.

• Work closely with IT operations to secure fintech platforms, payment gateways, and government e-service portals from end to end.

• Incident Response and Business Continuity

• Establish and maintain a Security Operations Center (SOC) and Incident Response Framework for rapid detection, escalation, and resolution of security events.

• Develop and test Business Continuity and Disaster Recovery (BCDR) plans to ensure resilience and operational uptime.

• Conduct periodic simulation drills to strengthen readiness and employee awareness.

• Leadership and Capacity Building

• Build and lead a high-performing Information Security and Risk Management team.

• Provide mentorship and training to strengthen cybersecurity competencies across the organization.
• Promote a security-conscious culture through continuous education, awareness campaigns, and proactive communication.

Qualifications and Experience

• Bachelor's degree in computer science, Information Security, Information Technology, or related discipline.
• Master's degree (MBA or MSc in Information Security, Cybersecurity, or Technology Management) preferred.
• Minimum of 10–15 years of progressive experience in information security, IT governance, or risk management, with at least 5 years in an executive or senior leadership capacity.
• Proven track record in leading enterprise cybersecurity initiatives within technology-driven or government digital service environments.
• In-depth understanding of fintech systems, payment platforms, API security, and infrastructure security architecture.
• Comprehensive knowledge of global cybersecurity standards and frameworks (ISO 27001, NIST, CIS, COBIT, OWASP, NDPR, GDPR, PCI DSS).
• Professional certifications such as CISSP, CISM, CISA, CRISC, CEH, ISO 27001 Lead Implementer/Auditor are required.
• Strong leadership, communication, and crisis management skills with demonstrated ability to collaborate across executive and technical teams.

Core Competencies

• Strategic cybersecurity governance
• Risk and compliance management
• Cloud and infrastructure security
• Data privacy and regulatory compliance
• Crisis and incident response leadership
• Business continuity and resilience planning
• Vendor and stakeholder management
• Innovation and digital trust enablement
• Executive communication and influence

Performance Indicators

• Reduction in cybersecurity incidents and vulnerabilities.
• Compliance with regulatory and audit requirements (NDPR, ISO, PCI DSS, etc.).
• Timely incident detection, containment, and response.
• Employee cybersecurity awareness and training participation.
• Business continuity and resilience effectiveness across operations.
• Measurable improvement in overall security posture and stakeholder confidence.

Compensation and Benefits

Barnksforte Group offers a competitive executive compensation package commensurate with qualifications, experience, and performance. Benefits may include health insurance, performance bonuses, housing and transport allowances, and professional development support.

Suitably qualified candidates can send their Curriculum Vitae & Cover Letter to -