Senior Specialist: Security Application and Middleware
  • South Africa Roodepoort
  • MTN
1 year before
31.12.2023
Securely Provision
Systems Architecture
Job Description

MTN is an emerging market mobile operator at the forefront of technological and digital changes. We deliver a bold, new digital world to our customers across Africa and the Middle East – one of the world’s fastest-growing regions for mobile telecommunications. We believe everyone deserves the benefits of a modern connected life.


MTN is entering a new phase in its lifecycle where operational and commercial excellence has become critical for success. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which MTN operates. The Group’s Information Security function must therefore ensure the successful delivery in context of:

Rapidly changing ICT environment
The geographic complexity of MTN’s footprint across Africa and the Middle East
Management of executive and local shareholder expectations across all 19 OpCos
Achievement of top quartile operating efficiency and effectiveness through scale and common processes
Driving growth through business intelligence and standardization to maximize business impact
Management of customer and supplier expectations
Enhance MTN position as a leading network and system provider



As the Senior Specialist: Security Application and Middleware you will be responsible for delivering technical security solution designs, reference architecture designs, technical standards and configurations for the API and middleware stacks, including Azure APIM, APIGEE, Oracle Fusion etc. Special focus shall be given to ensuring that security policy management surrounding authorizations and authentication is included in API/middleware designs.


The “Must-haves” we are looking for are:

4 year Engineering/ Information Science Degree
CISSP, CISM, CGEIT certification (one of) or equivalent
Microsoft Certified: Azure Security Engineer Associate, Identity and access administrator associate, Azure security technologies.
Minimum 5 years’ experience in Information Security
Designing and implementing federated Microsoft Azure identity and API security systems architecture
Designing and implementing federated Google cloud platform API security systems architecture
Working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges
Advanced working understanding of the information technology environment of a telecom company
Wide understanding of Security applications and capabilities is required to ensure secure deployment and operations of MTN key applications.
Mature understanding of the Hybrid cloud environment is required to support the legacy and cloud technology stacks and provide strategic guidance to the MTN OPCOs.



What will give an edge to your application:

Masters in Information Science



Are you passionate about working for a brand that believes and invests in YOU, whilst delivering the best value to those they serve?



Do YOU want to be a part of a mission that delivers a bold new digital world and enables the benefits of a modern connected life to everyone?



Then come and join us in leading digital solutions for Africa’s progress!



Closing date: 26th May 2023. Late applications will not be accepted.



Disclaimer:

MTN Group is an equal opportunity employer with an imperative and obligation to achieve its own set EE targets and the legislated Employment Equity targets. Preference will first be given to previously disadvantaged individuals/groups with a specific focus on females and differently abled persons.



If you have not heard from us within 14 days of closure of this job advert then you can assume your application has been unsuccessful.

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0027   Knowledge of organization's enterprise information security architecture.
  • K0056   Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0291   Knowledge of the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
  • K0293   Knowledge of integrating the organization’s goals and objectives into the architecture.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0333   Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
  • K0487   Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
  • K0010   Knowledge of communication methods, principles, and concepts that support the network infrastructure.
  • K0565   Knowledge of the common networking and routing protocols (e.g. TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.
Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0122   Skill in the use of design methods.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • S0059   Skill in using Virtual Private Network (VPN) devices and encryption.
Required Abilities
  • A0008  Ability to apply the methods, standards, and approaches for describing, analyzing, and documenting an organization's enterprise information technology (IT) architecture (e.g., Open Group Architecture Framework [TOGAF], Department of Defense Architecture Framework [DoDAF], Federal Enterprise Architecture Framework [FEAF]).
  • A0027  Ability to apply an organization's goals and objectives to develop and maintain architecture.
  • A0060  Ability to build architectures and frameworks.
  • A0048  Ability to apply network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • A0061  Ability to design architectures and frameworks.