Anthony Nwosu MSc, MBA, CISA, CISM

Experience

• 

  Mainstreet Bank Limited (now part of Polaris Bank)

  Aug 2011 - Oct 2015

  Head, IT Systems Control

  Managed rigorous application controls testing, enhancing the security and integrity of system applications through comprehensive evaluations and actionable improvement recommendations. Assessed risks and secured integrations for third-party system interfaces with company systems, guaranteeing compliant and secure external IT service interactions. Oversaw user access provisioning, implementing strict controls to safeguard sensitive information and prevent unauthorised access. Conducted thorough reviews of system configuration and parameter updates, reinforcing a stringent change management process for IT system stability and security.● Led detailed user and systems activity monitoring initiatives to identify and mitigate potential security threats or policy infractions, strengthening the IT security framework.● Maintained unwavering compliance with the company's IT Control policy, ensuring all technology operations met the highest standards of security and regulatory conformity. Show less

• 

  ProvidusBank Plc

  Nov 2015 - Feb 2018

  Head, IT Security & Controls

  Provided executive assurance on IT Security Compliance, aligning with internal and regulatory standards to uphold top-tier IT security and compliance practices. Managed the deployment of security technologies to safeguard information security assets, showcasing leadership and technical acumen in protecting critical data. Enforced strict change management procedures for IT deployments to control risks and maintain the integrity of the IT environment. Regularly conducted vulnerability assessments and led remediation efforts, enhancing the bank's resilience against cyber threats.● Founded the Information Security department at a newly established bank, laying the groundwork for comprehensive cybersecurity and risk management frameworks.● Successfully implemented a second-factor authentication solution, effectively eliminating fraud related to unauthorised access to critical business applications.● Deployed a network access control solution, achieving 100% accessibility for authorised users while completely blocking access to unauthorised individuals.● Rolled out a threat intelligence solution, significantly mitigating risks associated with corporate and individual identity theft, enhancing overall security posture.● Led initiatives to implement robust security controls across core and critical business applications, significantly bolstering the bank's security posture.● Launched an extensive cybersecurity awareness and training programme, cultivating a strong culture of security mindfulness.● Developed policies to secure all IT assets, ensuring a protected and dependable IT environment for the bank's operations.● Seamlessly integrated the IT Security function with Risk and Control functions, facilitating comprehensive risk management and supporting the bank's strategic objectives. Show less

• 

  TotalEnergies Coop NG

  Feb 2018 - Mar 2022

  Head, Risk Management & Controls

  Managed the monitoring, planning, and testing of information systems controls to ensure ongoing efficacy and compliance with industry standards. Performed due diligence reviews on vendors and business partners, safeguarding the supply chain and external partnerships' security and integrity. Conducted regular vulnerability assessments to strengthen organisational defences against cyber threats. Coordinated with process owners to design and align information system controls with business needs, optimising operational efficiency and security.● Spearheaded risk management initiatives with a focus on technology, enhancing IT system and user controls to mitigate risks in business applications and manual processes.● Led the deployment of Network Access Control, established comprehensive physical and logical security controls, and executed internal and external vulnerability and penetration tests, significantly reducing risk by implementing two-factor authentication across critical systems within 18 months.● Developed and delivered employee training on cybersecurity and fraud trends, significantly enhancing awareness and promoting a culture of security mindfulness. Show less

• 

  TotalEnergies Staff Housing Cooperative Multipurpose Society Limited (TEHC)

  Mar 2022 - Sept 2023

  Head, Internal Control, Risk & Audit

  Collaborated with stakeholders to formulate work policies and monitor adherence, skilfully adapting internal and IT controls to support work-from-home arrangements, demonstrating flexibility and forward-thinking in risk management. Lead the design and execution of risk mitigation controls to address identified vulnerabilities in business and IT processes, establishing a comprehensive risk management framework. Guide the organisation through change management processes, ensuring smooth transitions and alignment with strategic goals. Conduct routine and periodic reviews, including transaction and processing system audits, to identify and correct anomalies, guaranteeing operational excellence and regulatory compliance. Execute due diligence evaluations of third-party vendors and business partners, safeguarding the integrity and security of external relationships and supply chains.● Established the governance system and structure from scratch, crafting a solid foundation for effective risk management and achievement of corporate objectives.● Developed and implemented the three lines of defense (3LoD) that thoroughly addressed all aspects of business, operations, and technology processes, enhancing organisational resilience.● Ensured the reliability of IT and automated processes, maintained the validity and integrity of data, and protected information assets, underscoring a strong commitment to cybersecurity and information integrity.● Elevated cybersecurity awareness and understanding of fraud indicators among employees, significantly reducing risk through proactive education and engagement. Show less