David Okenwa Email and Phone Number

• Provide oversight and serve as the leadership point of contact for all cybersecurity related activities• Oversight of cybersecurity programs and related stakeholders which includes (but not limited to) Security Policies, Third Party Risk and Compliance Management, Regulatory Audits and Compliance Management, Metrics, Risk and Performance Indicators, Executive and Board Reporting, Security Awareness and Training• Establishing and maintaining strategies for ensuring compliance with guiding cybersecurity standards such as ISO 27001, PCIDSS and other applicable regulatory and best practice requirements• Measuring and reporting compliance with cybersecurity requirements.• Responsible for the development of Security Risk Management using continuous self-assessments and executive reporting • Ensure proactive identification and timely remediation of cybersecurity related deficiencies• Ensure oversight over cybersecurity controls to ensure effectiveness, compliance and adherence to key controls and policies and drive its remediation efforts• Refining and deploying awareness training, and engagement strategies and materials to ensure the banks workforce is sufficiently knowledgeable to protect against cybersecurity threats, risks, and vulnerabilities.• Provide continuous input to the CISO and help measure the cybersecurity risk posture of the bank

1. Update Application Security Checklist for inhouse, outsourced and off the shelf application using ISO Policy, NIST and CBN Framework2.Review New Application BRD document in Compliance with CBN framework and ISO policy3. Quarterly Code Review4. Quarterly Application Vulnerability Assessment 5. Post Implementation Review of deployed application6.New Application ReviewEnsure that all in-house applications are developed in-line with secure coding practices such as threat modeling, input validation, least privilege, defense in-depth, and fail secure whilst mitigating against OWASP vulnerabilities. These applications shall also be thoroughly tested by a team of qualified software testers and business/application owners.7. Swift Application Vulnerability Assessment and Log source review8.Biometrics Application review

• Ensure compliance of Information Security Policies• Conduct Risk assessment and recommend mitigation• Develops and maintains the Incident Management tracking systems to support incident management processes.• Promotes, inspects, and ensures that the Incident Management process is used correctly to comply with incident management policies & procedures to effectively restore service.• Review a high volume of incident tickets• Categories risk in terms of impact• Ability to identify to understand any incident/fault on a basic level (at least) to use the appropriate competences (resources)• Identify the damage caused by an incident (Operational, financial, legal, liability, reputational)• Escalates the incident condition to Line Management if service levels are threatened or are expected to be breached for other management groups to develop actions.• Liaise with information/systems owners to consider the risk factors• Ensure that all appropriate actions have been taken to mitigate the impact of the incident and identify further action needed to reduce the risk of a future breach of this kind.• Correlate with previous and present incidents. Identifies recurring outages through trending analysis, and with other IT functions develops plans to assure maximum security.• Ensure that Incidents are resolved in a proper and timely manner and the resolutions adhere to objectives set forth in Service Level Agreements. Drive the restoration team to gather sufficient information to start an analysis• Maintain a general overview of the incident (keeping the focus on the restoration via a workaround)• Obtain guidance on priorities to the team’s starting the immediate urgent unexpected recovery work• Identifies training requirements of the incident staff and ensures that proper training is provided to meet the requirements.• Participates in on call responsibilities, providing situational leadership for high severity events for quick fix

Provide excellent customer support to ATM Managed Services• Monitor daily operations of contractor performance under ATM Management Program.• Perform general problem solving and technical and hardware support to customers by phone and/or email on matters pertaining to ATM performance and problem resolution.• Track, monitor, troubleshoot and follow up on calls and issues escalating as necessary.• Compile information and prepare statistical reports.• Work with supervisor to ensure that customers always receive the best service and support as possible.• Plans and schedules the installation, de-installation and relocation of the bank's ATM machines. ATM’s Operating System Installing and re-installing.• Trouble shooting incident abnormalities in ATM’s operating system to meet required standard.• Solidifying ATM’s operating system using Windows-XP with Mc@fee solidcore for securing the ATM.• Logging remotely from client’s head office to drop patches for ATM’s operating system as a hot fix for certain incident abnormalities.• Upgrading ATM operating system from Windows-XP to Windows 7 for various banks.• Building Windows 7 image from scratch for various banks.

ATM quarterly preventive maintenance of hardware parts.• ATM repairs of hardware parts.• ATM staging and activation.• Re-installing ATM operating system.• Re-cabling of ATM cables when all troubleshooting fails.• First level maintenance training to client’s ATM custodians.

ATM quarterly preventive maintenance of hardware parts.• ATM repairs of hardware parts.• ATM staging and activation.• Re-installing ATM operating system.• Re-cabling of ATM cables when all troubleshooting fails.• First level maintenance training to client’s ATM custodians.