MTN Nigeria is part of the MTN Group, Africa\'s leading cellular telecommunications company. On May 16, 2001, MTN became the first GSM network to make a call following the globally lauded Nigerian GSM auction conducted by the Nigerian Communications Commission earlier in the year. Thereafter the company launched full commercial operations beginning with Lagos, Abuja and Port Harcourt. MTN paid $285m for one of four GSM licenses in Nigeria in January 2001. To date, in excess of US$1.8 billion has been invested building mobile telecommunications infrastructure in Nigeria. Since launch in August 2001, MTN has steadily deployed its services across Nigeria. It now provides services in 223 cities and towns, more than 10,000 villages and communities and a growing number of highways across the country, spanning the 36 states of the Nigeria and the Federal Capital Territory, Abuja. Many of these villages and communities are being connected to the world of telecommunications for the first time ever. The company\'s digital microwave transmission backbone, the 3,400 Kilometre Y\'elloBahn was commissioned by President Olusegun Obasanjo in January 2003 and is reputed to be the most extensive digital microwave transmission infrastructure in all of Africa. The Y\'elloBahn has significantly helped to enhance call quality on MTN network.
Mission:
To be involved in all facets of Information security controls design, implementation, control assessments and optimization; implementation of ISO and NIST controls in line with the approved Cybersecurity Strategy; implementation of secure resilient technology that supports the business processes within MTN Nigeria. The position includes the development, implementation and maintenance of quality plans and procedures that allows MTNN to respond to industry standards, relevant legislation and current best practices.
Description:
- Ensure implementation of technical security standards/baselines across MTNN’s technology platforms as well as ongoing monitoring and reporting of compliance against the standards.
- Ensure the integration of the MTNN’s technology platforms into the security compliance and monitoring eco-system both at opco and Group level then regularly confirm and report on ongoing effectiveness.
- Liaise with other relevant functions to facilitate the timeous closure of incidents and vulnerabilities.
- Ensure Security controls are regularly evaluated as part of the Security Assessment program with proposed remedial actions to address noted baseline variances.
- Support the implementation of risk assessments exercises across the Information Technology function in order to trap and highlight information security weaknesses and advice on controls to mitigate those risks.
- Implement standards for testing methodologies, techniques and procedures and conduct robust quality standard programme.
- Lead IT Controls Assessments and compliance exercises.
- Support controls design for Operating systems, Applications & Database Security, implementation, assessments & reporting.
- Monitor the effective cascading of the Compliance strategy into the Compliance Monitoring business plans to ensure vertical alignment and horizontal integration with other interfacing strategies.
- Monitor compliance to Information security policies, procedures and standards via a robust information security program/plan depicting continuous planned and ad-hoc audit and review exercises.
- Liaise with other relevant functions/stakeholder to implement information security as defined by MTN Nigeria.
- Manage escalating issues (within the information security domain) along with relevant stakeholders.
- Assist relevant business owners and custodians in identifying and setting activities logs, audit trails, functional and technical requirements, and ensure adequate custody of such.
- Provide adequate support for any escalated information security issues (when needed).
- Perform Problem, Change, and Release & Configuration Management as it pertains to Information Security.
- Specify, assist and delegate information security system integration concepts into SDLC process.
- Drive the Automation of the Security Baseline configuration using Enterprise tools.
- Serve as an internal information security consultant to MTN and advise on trending information security technologies/related regulatory issues.
Education:
- Minimum of First Degree in Computer Science, Engineering, Information Technology/Systems or any related discipline preferred Certifications:
- Any of Certified Information Security Manager (CISM) or Certified Information Security Systems Professional (CISSP) will be advantageous,
- A combination of Certified Information Systems Auditor (CISA) and any of Certified in Risk and Information Systems Control (CRISC) or Certified in Governance of Enterprise & IT (CGEIT), CCNA Security, CompTIA Security.
Experience:
3-7 years of work experience which includes:
- Experience working in the Information Security domain.
- Experience in the Cybersecurity Consulting, Digital Risks or Telecommunication sector is advantageous
- Proven experience in Information Security related Governance, Technology Risk Management and Compliance, ITGCs & Automated Controls.
- Experience conducting regular risk assessments to identify, evaluate, and prioritize cyber risks across the organization's systems, applications, and processes.
- Experience in Data Privacy controls including knowledge of Data Privacy regulations.
- Technical experience around Identity Access Management, Controls configuration management & automation using Puppet/Ansible/Chef, Vulnerability assessments and treatment, Technical systems baseline governance & Implementation.
- Experience in identifying requirements, developing architectures, and deploying enterprise Security architecture, ensuring that the implementation adheres to standards and best-practices.
- Knowledge of SQL is desirable – minimum Intermediate.
- Experience with database security administration tools, security assessments and secure database configuration.
Method of Application
Signup to view application details.
Signup Now