Senior Manager - Security Operations Centre

The Senior Manager: Security Operations Center (SOC) will be responsible management of the Cyber Security Operations Center, Incident Response, Vulnerability Management. The incumbent will oversee the delivery of these services to all OpCos and Platform business. The incumbent will also be responsible for driving anomaly detection and ensuring that MTN SOC security platforms are able to cover MTN Group’s attack surface by ensuring that the SOC is always driving the latest innovation in their detection methods.

Context

MTN is an emerging market mobile operator at the forefront of technological and digital changes. We deliver a bold, new digital world to our customers across Africa and the Middle East – one of the world’s fastest-growing regions for mobile telecommunications. We believe everyone deserves the benefits of a modern connected life. 

With the changing global business landscape, cyber risks organisations face are on the rise. If these cyber risks are not correctly managed, new vulnerabilities could compromise customer data confidentiality, integrity and availability, ultimately affecting the performance of networks and information systems.

To proactively manage our cyber risk exposure, MTN Group has established a Cyber Security Operations Centre (CSOC). The mission of the CSOC is to improve the security posture of the Group against the threats it faces as a consequence of its business activity in the cyberspace by helping to prevent, detect, mitigate and respond to cyberattacks and by acting as the cyber-security information exchange and incident response coordination hub for all the OPCOs. MTN’s CSOC provides a holistic approach to manage both external and internal threats’ lifecycle. The MTN CSOC service catalogue includes the following activities:

• SIEM - Implementation and management 
• SIEM - Intelligence 
• 24/7 Monitoring and Triage 
• Cyber Threat Intelligence 
• Threat Hunting 
• Vulnerability Management 
• Cyber Incident Response 

Values

We at MTN are a purpose and value-led organization. At MTN, we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, everyday. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood and empowered to live an inspired life. 

Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us. 

Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.

Live Y’ello

• Lead with Care
• Can-do with Integrity
• Collaborate with Agility
• Serve with Respect
• Act with Inclusion

The Senior Manager SOC is responsible for the following Key Performance Areas

24/7 Monitoring and Triage Strategy Development

• Review and finalise 24/7 Monitoring and Triage and Threat Hunting input into the MTN cybersecurity strategy 
• Manage and monitor detailed business plans for 24/7 Monitoring and Triage and Threat Hunting in accordance with the frameworks, goals and targets agreed for the holistic Group CSOC function.
• Manage the 24/7 Monitoring and Triage contribution to the delivery of the holistic cybersecurity mandate and commitment.
• Oversee and manage the strategic alignment of the Group 24/7 Monitoring and Triage and in-country 24/7 Monitoring and Triage services performed by some OpCos.

Monitoring and Reporting 

• Review and finalise reports on the status and performance of 24/7 Monitoring and Triage as required. 
• Oversee the preparation of operational performance reports for 24/7 Monitoring and Triage.
• Summarise, consolidate and finalise the preparation of 24/7 Monitoring and Triage documents for MTN Information Security Leadership and MTN Group Leadership.
• Obtain the required approvals for 24/7 Monitoring and Triage expenditure. 
• Track, monitor and report on the 24/7 Monitoring and Triage expenditure.

Human Resource Management

• Participate in the recruitment and selection of direct reports according to organisation structure, job requirements, EE targets and guidelines.
• Lead, mentor and empower employees and manage change within 24/7 Monitoring and Triage to ensure a positive work environment in which employees develop and perform optimally. 
• Develop performance contracts for direct reports and ensure all work is completed in compliance with the performance contract.
• Manage people development initiatives, succession planning and talent management to meet performance standards.
• Drive a high performance culture by taking accountability for an effective well-articulated performance management process. 
• Facilitate formal and informal mentoring and coaching for subordinates to drive continued improvement in competency and capability. 
• Address discipline and workplace conflict through the initiation and coordination of consultative processes and implementation of appropriate policies procedures.

Stakeholder Management

• Inform the appropriate stakeholders of internal and external status, progress or matters that affect MTN Group, its OpCos and its business environment.
• Communicate strategies, plans and policies to all relevant stakeholders.
• Build and maintain relationships with internal and external stakeholders in order to ensure 24/7 Monitoring and Triage information, advice or opinions on relevant matters is made available and/ or communicated appropriately and timeously.
• Manage the relationship between 24/7 Monitoring and Triage resources at a Group and Opco level, as well as the processes that support this relationship, in order to maximise a collaborative working relationship between MTN Group and its OpCos. 
• Establish good external working relationships and collaborative arrangements with external service providers, cyber community of practices and/or other organisations to help achieve the goals of 24/7 Monitoring and Triage. 
• Represent the MTN Group CSOC at various forums and committees with a specific focus on 24/7 Monitoring and Triage.

Governance and Risk

• Ensure compliance to all MTN policies and procedures, as well as country specific regulation for the OpCo’s where 24/7 Monitoring and Triage delivers services. 
• Direct and ensure adherence to MTN compliance standards and risk management practices during the delivery of 24/7 Monitoring and Triage services.
• Approve changes in procedures within levels of authority.
• Maintain knowledge of, and monitor changes in relevant legislation and the regulatory environment, review and approve the systems that ensure compliance of 24/7 Monitoring and Triage and reduce risk, and oversee implementation thereof.
• Approve and manage Service Level Agreements or contracts within levels of authority for 24/7 Monitoring and Triage.

24/7 Monitoring and Triage 

• Monitor active 24/7 Monitoring and Triage projects on a daily basis.
• Ensure that no notable deviations from the initial prevision are made, and fixing such deviations should this be necessary.
• Provide oversight on the planning of tasks and the setting of delivery dates.
• Analyse improvements and recommendations help increase efficiency of tasks performed by subordinates.
• Review and finalise the development and update of the classification schema for MTN Information Security Incidents.
• Monitor adherence to the require procedures to ensure that the necessary, accessible and usable data is available at the necessary time to support the activities of the rest of the MTN areas (particularly Incident Response).
• Manage advanced investigation for level two and three incidents, following the incident management methodology.

Collaboration

Responsibility towards: 

• Key external stakeholders: External contractors & partners 
• Key internal stakeholders:  
  • GM: Group CSOC 
  • Group Information Security Team 
  • OpCo Information Security Head/ CIO/ CTO/ CTIO 

Education:

• Three year tertiary qualification in Computer Engineering or similar 
• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certified Ethical Hacker (CEH)
• Certified Cisco Certified Network Associates (CCNA)
• Certified GIAC Certified Incident Handler (GCIH)

Experience:

• 8 years of relevant work experience in 24/7 Monitoring and Triage.
• Previous management experience in a team-oriented workplace.
• Extensive knowledge and experience in technological solutions and security tools related to 24/7 Monitoring and Triage services.
• Extensive knowledge and experience handling tools used during the execution of 24/7 Monitoring and Triage projects, ensuring their operation and update at all times.

Other

• Fluent in English 
• Multi-country operations oversight experience 
• Willing and flexible to travel within Africa and Middle East
• Understanding of general regulatory requirements in the telecom industry as it relates to Cyber 24/7 Monitoring and Triage
• Global mindset to service worldwide operations
• Telecommunications industry experience would be beneficial 
• Pan Africa and Middle East multi-cultural experience would be beneficial

We are a purpose and value-led organization.

At MTN, we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, everyday. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood and empowered to live an inspired life.

Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us. This is what we want you to experience with us!

Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.

We are delighted that you are considering us as your career partner to make a mark in the world. We look forward to your application!