Senior Manager Regional Information Security 1 year Limited Duration Contract MTN Vacancy
Senior Manager Regional Information Security 1 year Limited Duration Contract MTN Vacancy
MTNVAC-354
Senior Manager: Regional Information Security (1 year Limited Duration Contract)
Johannesburg
Manco
Group Information Security Office
Level 3H
Mission/ Core purpose of the Job
The Senior Manager Regional Information Security serves as a representative of Group Information Security, accountable for the information security of the Tier 2 and Tier 3 Opcos in MENA region. The Regional Security Managers will work closely with the Group Information Security team and are primarily accountable to implement, govern, cascade and integrate Information Security processes, policies, standards, tools and practices of Tier 2 and 3 Opcos in the respective Region.
The Regional Security Roles acts as a critical conduit between the Group Information Security team and the respective Opcos to ensure that the overall Information Security practices are consistent, efficient and in line with business strategies outlined for the region.
The Regional Security Role is responsible to deliver on the commitment of Group Information Security regional steering objective and serves as the accountable partner to one of the three regions (as allocated).
The Regional Security role reports to the GM: Group Information Security Program Management
Context (Global influences, environmental / industry demands, organizational mission etc.)
MTN is entering a new phase in its lifecycle where operational and commercial excellence has become critical for success. Increased focus in the Commercial areas, new products and services, scaling up of Digital and Fintech capabilities, it is important to recognize the need to secure MTN’s Platforms, Applications, Networks and Systems from new threats and vulnerabilities. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which MTN operates. The incumbent must therefore ensure the successful delivery in context of:
- An expertise-based multicultural organisation
- A dynamic and evolving field of Telecommunications
- Revolutionary workforce practices which are bringing together global labour markets
- Convergence in markets and exploration of non-traditional revenue streams requiring complex interpretation and structuring
- Evolving industry sector constantly presenting new challenges and opportunities to the core businesses
- Rapid horizontal and vertical expansion of MTN, in terms of size, products, customers and geographic distribution
Key Deliverables
- The Senior Manager Regional Information Security will be accountable to achieve the following objectives:
Strategy Implementation
- Oversee the development of country specific Information Security plans for each of the OPCOs within the region in alignment with the Group Information Security priorities and plan while addressing local country needs
- Implementation of the Information Security Policy and Standards in line with the overarching Group and local business goals and Group InfoSec priorities
- Conduct regular reviews of the information security effectiveness in the Opcos within the region to ensure its alignment with the changing dynamics of the internal and external ecosystem, products and services being launched
Governance
Strategic & Operational Meetings
- Drive adequate risk mitigation and controls and elicit inputs from relevant parties
- Perform evaluation baseline of Service Level Agreements (SLAs) and KPIs
- Drive approval process on new initiatives
- Prepare proposal on change initiatives SLA, policies and procedures
- Manage and provide solutions to escalations that have multiple processes / functions impact on critical path of service delivery
- Review and finalise objectives, targets and budgets for the Regional Information Security team as applicable
- Review key risks, issues and dependencies and set mitigation actions
- Sign-off / make decisions regarding tactical changes
Performance
- Monitor OPCO and individual performance and alignment with MTN Global Information Security Strategy
- Ensure alignment between Regional Information Security manager, Global Expertise Functions, RVP Office, and Opco Information Security teams
Reporting
- Report on a monthly basis to the GM: Group Information Security Program Management relating to progress made within the function and in accordance with the measurement metrics set by the organisation
- Provide regular feedback to key stakeholders within the OPCOs and Group in alignment with the OPCO Plans and KPI’s
Budgets
- Develop and manage project initiative budgets in line with business objectives
- Ensure that the cost of operations is reduced, in line with a least cost operating strategy stemming from the business drivers
- Facilitate the development of OPCO Security budgets in alignment with Group direction and local OPCO requirements
Operational Delivery & Execution
- Oversee and proactively manage the ways of working between the Hub and Spoke Opcos, in line with the agreed terms and SLAs
- Moderate and proactively address operational challenges between the Hub and Spoke Opcos
- Establish and lead the overarching Regional Information Security strategy and governance model for the various Regions
- Ensure the Regional Information Security support and drive continuous improvement initiatives in the regions with respect to Information Security operations, governance, and architecture.
- Provide regional perspectives and inputs to Global InfoSec teams to enable globally relevant business/Information Security solution designs
Job Requirements (Education, Experience and Competencies)
Education:
- Minimum of 4-year tertiary degree / diploma (Bachelor of Science, Engineering or related field)
- MBA or Masters (advantageous)
- CISSP Certification
- Other preferred certifications are: CISA, CISM, CBCP, ISO 27001 Lead Auditor or Lead Implementer
- Prince 2 (advantageous)
Experience:
- Minimum of 10 years of working experience in the Information Security domain
- Experience in the Financial Services or telecommunication sector is advantageous
- Minimum of 4 to 5 years of Senior Management experience
- Experience in Information Security related Governance, Enterprise Risk Management and Compliance
- Experience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges
- Advanced working understanding of the information technology environment of a telecom company
- Worked across diverse cultures and geographies
- Pan Africa multi-cultural experience is advantageous
Competencies:
Functional Knowledge:
- Risk assessment procedures, policy formation, role-based authorization methodologies, authentication technologies and security attack pathologies
- Cyber defence
- Security architecture
- Security operations
- Data protection
- Resiliency
- Secure development lifecycle
Skills
- Business Acumen
- Analytics and Interpretation
- Strategic Thinking
- Organizational Agility
- Digital mind-set
- Dealing with ambiguity and complexity
- Decision Making
- Conflict Management
- Negotiation
- Financial and Numerical
- Project Management
- People Management
- Executive Presentation
Behavioural Qualities
- Adaptable
- Complete candour
- Culturally aware
- Emotional Maturity
- Innovation
- Integrity
- Leadership
Team Player