Manager: Regional Information Security and Awareness (SEA)
  • South Africa Roodepoort
  • MTN
1 year before
31.12.2023
Oversee and Govern
Cybersecurity Management
Job Description

MTN is an emerging market mobile operator at the forefront of technological and digital changes. We deliver a bold, new digital world to our customers across Africa and the Middle East – one of the world’s fastest-growing regions for mobile telecommunications. We believe everyone deserves the benefits of a modern connected life.


We are entering a new phase in our lifecycle where operational and commercial excellence has become critical for success. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which we operate. The Group’s Information Security function must therefore ensure the successful delivery in the context of:

Rapidly changing ICT environment
The geographic complexity of our footprint across Africa and the Middle East
Management of executive and local shareholder expectations across all 19 OpCos
Achievement of top quartile operating efficiency and effectiveness through scale and common processes
Driving growth through business intelligence and standardization to maximize business impact
Management of customer and supplier expectations
Enhancing our position as a leading network and system provider
Constant dynamics and local challenges in the economic, regulatory and legal environments



As the Manager Regional Information Security and Awareness (SEA) you will be responsible for Regional co-ordination and execution of Information Security requirements and initiatives in line with the overarching Group and regional business goals and Group security framework. The role is accountable for the development and implementation of relevant strategies and frameworks, evangelizing relevant security policies, procedures and requirements and reporting and communicating to the OPCO’s and Group to enable a more secure environment and reduce risk to the company and its customers. The role will support the Senior Manager in the implementation of MTN’s regional information management and protection strategy to comply with the Group Information Security Policy, applicable regulatory requirements, and client expectations. You will also be accountable for streamlined implementation of Security programs across the OpCo’s in the region.



The “Must-haves” we are looking for are:

4-year Engineering/ Information Science Degree / Technical diploma.
CISSM and/or CISSP certification.
5 – 8 years of relevant work experience in Information Technology.
2 – 4 years of experience at a management level in the telecom industry.
Experience in planning, implementing, and supporting IT/Risk/Control services in a multi-country / Opco / branch environment.
Experience in implementing large scale information technology / networking projects.
Experience in Governance, Enterprise Risk Management and Compliance.
Experience working in Africa and Middle East and having a grasp of political, social, infrastructure and integrity challenges.
Advanced working understanding of the information technology environment of a telecom company.



What will give an edge to your application:

Information Security experience
Fluent in English, French and/or Farsi
Masters in Information Science
CISA, CRISC, CGEIT CBCP, ISO 27001 Lead Auditor or Lead Implementer certifications
ITIL Certification
Project Management certification



Are you passionate about working for a brand that believes and invests in YOU, whilst delivering the best value to those they serve?



Do YOU want to be a part of a mission that delivers a bold new digital world and enables the benefits of a modern connected life to everyone?



Then come and join us in leading digital solutions for Africa’s progress!



Closing date: 1st June 2023. Late applications will not be accepted.



Disclaimer:

MTN Group is an equal opportunity employer with an imperative and obligation to achieve its own set EE targets and the legislated Employment Equity targets. Preference will first be given to previously disadvantaged individuals/groups with a specific focus on females and differently abled persons.



If you have not heard from us within 14 days of closure of this job advert, then you can assume your application has been unsuccessful.

Quick response
Required Knowledge
  • K0001   Knowledge of computer networking concepts and protocols, and network security methodologies.
  • K0003   Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats an`d vulnerabilities.
  • K0054   Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities.
  • K0059   Knowledge of new and emerging information technology (IT) and cybersecurity technologies.
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0076   Knowledge of server administration and systems engineering theories, concepts, and methods.
  • K0087   Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design.
  • K0101   Knowledge of the organization’s enterprise information technology (IT) goals and objectives.
  • K0179   Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
Required Skills
  • S0027   Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Required Abilities
  • A0163  Ability to interpret Communications Security (COMSEC) terminology, guidelines and procedures.
  • A0165  Ability to manage Communications Security (COMSEC) material accounting, control and use procedure.
  • A0177  Ability to recognize the unique aspects of the Communications Security (COMSEC) environment and hierarchy.