Manager - Information Security Architecture.Information Security

Security is entering a new phase where the architecture and systems between IT and the Mobile Network are now using shared platforms or infrastructures. There is an increased focus in the security of these networks and across all areas of the business. The introduction of cloud has blurred the lines between a traditional IT security professional and a Mobile Network Security function. The candidate is further responsible for vetting and advising all OPCO’s in the MTN portfolio on Core network, Digital and IT security related projects, including software developed in house by S2 COE.  The candidate is also responsible to support Fintech and Infraco security colleague in designing robust and secure architecture for the platform business The incumbent must therefore ensure the successful delivery in context of:
-    An expertise-based multicultural federated organisation 
-    A dynamic and evolving field of information security 
-    Revolutionary workforce practices which are bringing together global labour markets
-    Evolving industry sector constantly presenting new challenges, opportunities and threats to the core businesses
-    Dynamic legal and regulatory environment (with specific focus on data sovereignty and privacy/data protection)
-    Agile ways of working
-    Hybrid networks (cloud and on-premises)

 Values (Our Culture)

We at MTN are a purpose and value-led organization. At MTN, we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, everyday. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood and empowered to live an inspired life.

Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us,
Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.

Live Y’ello
•    Lead with Care
•    Can-do with Integrity
•    Collaborate with Agility
•    Serve with Respect
•    Act with Inclusion

 Key Performance Areas: Core, essential responsibilities / outputs of the position (KPA's)
The Manager Information Security Architecture is responsible for the following deliverables
-    Develop information security solution architectures (e.g., people, processes, technology);
-    Develop information security reference architecture (IT & telecoms) to manage threats, monitor implementation & compliance; support the design of security reference architecture for both Fintech and Infraco
-    Assist with the refinement of MTN Information Security reference architecture and test the architecture against pilot implementations and ongoing OPCO implementations
-    Obtain inputs and validate the MTN information security reference architecture with key MTN partners; 
-    Responsible for design of information security solution architectures for group wide risk mitigation of key risk areas including standardised security architecture, security monitoring, and vulnerability management;
-    Develop reference architectures for specific technical security solutions
-    Assist OPCOs and platforms with technical security solution designs 
-    Determine a holistic view of security requirements by evaluating current security operations and requirements; researching information security standards; studying architecture/platform; identifying integration issues and preparing cost estimates;
-    Assist in the evaluation of outsourced / third-party technologies and hosting environments to ensure they provide adequate protection for the processing, transmission, and storage of MTN’s information;
-    Ensure the development of security architectural and development standards for all components of key application stacks (OS, DB, Middleware, Web etc.) and cloud environment (in collaboration with CCOE);
-    Maintain a 3 - 5 years security architecture road map with budget requirements to prevent future cybersecurity attacks. Articulate the solution to senior management to receive executive buy-in
-    Support the activity of the Architecture Working Committee (AWC) and support the periodic request of the architecture principles related to information security 
-    Support AI working group and the definition of “security guardrails” as part of the Responsible AI initiatives
-    Support the network standardization activities of the GSMA Fraud and Security Group (FASG)
-    Assist with management of divisional budgets in line with business objectives and facilitate forecasting;
-    Manage project initiative budgets in line with business objectives; and
-    Drive initiatives that will ensure that the “cost of operations” are reduced, in line with a least cost operating strategy stemming from the business drivers
-    Work with the Senior Manager: Information Systems in order to implement the overall information security architecture requirements and framework, overarched by the business risk strategy;
-    Responsible for the implementation of the information security architecture roll-out definition and actualization via third parties;
-    Roadmap definitions for security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements

5. Job Requirements (Education, Experience and Competencies)
Education:
-    4/6-year Information Technology/ Information Systems/ Engineering (or related) Degree
-    Master’s in business administration is advantageous
-    CISSP/CISM/CEH/CSSP (one of)
-    SABSA and/or TOGAF qualification will be an advantage
-    Cloud certifications (Azure, GCP, AWS) will be an advantage
-    DevSecOps certifications will be an advantage
-    IA and responsible AI certifications will be an advantageOther Architectural qualifications (ITIL, TMF, COBIT) will be an advantage

Experience:
-    3-5 years of relevant work experience in Information Technology (specifically security)
-    Experience in designing and implementing organisation wide information security systems architecture
-    Experience in managing and implementing large scale information security projects
-    Experience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges
-    Good understanding of the information technology environment of a telecom company

Functional Knowledge: 
-    Knowledge of technical security disciplines, specifically around security architecture, engineering, and solution delivery
-    Knowledge and experience across security products, tools, and industry trends: e.g. Mobile Network Security, Hardware Configuration, Network Protocols, Networking Standards, Windows, Linux and Unix operating systems, Application Security, Data Security,  generative and analytical AI models and safeguards, Application integration and Infrastructure Security, Security Frameworks (ISO27001, COBIT, NIST etc.), security attacks pathologies, wired and wireless security, and cyber laws and ethics
-    Security protocols, communication protocols, cryptography, authentication and authorisation across mobile networks and systems
-    Implementation of multi-factor authentication, single sign-on, identity management or related technologies
-    Working knowledge of current security risks, risk management and assessments
-    Deep understanding of the MTN business and technology strategy 
Skills
-    Strong Analytics/data interpretation and presentation skills
-    Learning, self-development and continuous improvement
-    Detail orientation and high standards on work performed
-    Negotiation skills, Interpersonal skills, conflict management and problem solving
-    Stress Management and Emotional Intelligence

Behavioural Qualities
-    Analytical, organised and methodical
-    Operationally astute, proactive, detail-oriented
-    Results drive team player