Senior Specialist - Network Security Architecture

Mission

Design and maintain MTN’s Network Security architecture to protect networks, systems and applications. This involves defining, planning, architecting and coordinating the implementation and maintenance of information security necessary to support the OPCO’s IT, Digital and Telecommunications network. This also includes optimisation and standardisation of information security across the enterprise, which includes the product and infrastructure lifecycle management and roadmaps across all IT infrastructure, mobile network and application platforms, including new builds for short-term renewals, medium and long term tactical and strategic plans.

Context 

Security is entering a new phase where the architecture and systems between IT and the Mobile Network are now using shared platforms or infrastructures. There is an increased focus in the security of these networks and across all areas of the business. The introduction of cloud has blurred the lines between a traditional IT security professional and a Mobile Network Security function. The candidate is further responsible for vetting and advising all OPCO’s in the MTN portfolio on Core network, Digital and IT security related projects.  The incumbent must therefore ensure the successful delivery in context of:

• An expertise-based multicultural federated organisation 
• A dynamic and evolving field of information security 
• Revolutionary workforce practices which are bringing together global labour markets
• Evolving industry sector constantly presenting new challenges, opportunities and threats to the core businesses
• Dynamic legal and regulatory environment
• Agile ways of working
• Hybrid networks (cloud and on-premises)

Values

We at MTN are a purpose and value-led organization. At MTN, we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, everyday. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood and empowered to live an inspired life.

Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us,

Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.

Live Y’ello

• Lead with Care
• Can-do with Integrity
• Collaborate with Agility
• Serve with Respect
• Act with Inclusion

The Senior Specialist Network Security Architecture is responsible for the following deliverables

• Provide reports and analysis to support and contribute to the development of the functional strategy in line with the overarching business goals
• Ensure accurate and timely reporting to enable the regular review of the functional strategy, roadmap and performance to ensure its alignment with the changing dynamics of the internal and external ecosystem
• Provide strategic and Security Reference Architecture portfolio leadership in line with business requirements, technology standards and best practices within the function
• Align the vision of Group Information Security with the strategic objectives by providing technical security expertise to achieve strategic business goals
• Drive the adoption of the common business rules, metrics and measures and ensure that security architecture commitments, policies and procedures are adhered to 
• Facilitate the analysis of the current business environment to detect critical deficiencies and recommend solutions for the improved use of information technology, network infrastructure and related solutions and applications
• Incorporate sound architectural governance practices to optimise Group Information Security technology and Security Architecture investments (both internally owned and provided by service providers)
• Improve and refine the security architecture portfolio with regards to additional frameworks and strategies required to improve the cybersecurity posture of the MTN group
• Lead and work on highly complex projects that require in-depth domain knowledge of multiple specialized security architecture areas
• Provide on-going subject matter expert level consultation to project teams, application owners, and other technology and network teams on relevant security controls requirements
• Model threats and risks as well as the controls necessary to mitigate them, on both an organisational and technical level – thinking like a malicious hacker, understanding and anticipating the moves and tactics that a hacker might use to attack the MTN network and systems
• Work closely with the relevant MTN Group verticals to identify and select the right security technology to protect MTN’s mobile Network, Digital & IT infrastructure, cloud and IoT solutions
• Define functional and non-functional security requirements and criteria to conduct technology evaluation and selection
• Maintain a 3 - 5 years security architecture road map with budget requirements to prevent future cybersecurity attacks. Articulate the solution to senior management to receive executive buy-in
• Work with the application functions/ teams to identify and assist with the implementation of Security policy, process, people and technology improvements. This includes the use of automation and security specific testing tooling; Analysing and providing remediation guidance for identified weaknesses or vulnerabilities; validate and verify remediation implementation
• Manage and resolve escalations that have impact on critical path of service delivery
• Escalate issues that will result in severe time, scope, productivity, and cost or resource or reputational impact
• Manage and provide solutions to escalations that have multiple processes / functions impact on critical path of service delivery
• Input on objectives, targets, and budgets
• Action key cyber security risks, issues and dependencies and set mitigation actions
• Report on a periodic basis on progress made within the function and or specific projects  in accordance with the measurement metrics set by the organization

Collaboration 

Responsibility towards: 

• Key external stakeholders: 
  • External contractors & partners 
• Key internal stakeholders:   
  • Group business verticals
  • MTN OPCOs 
  • MTN Group InfoSec team 
  • Internal Auditors
  • Compliance

Education:

• 4-year Information Technology/ Information Systems/ Engineering (or related) Degree
• Master’s in business administration is advantageous
• CISSP/CISM/CEH/CSSP (one of)
• SABSA and/or TOGAF qualification will be an advantage
• Cloud certifications (Azure, GCP, AWS) will be an advantage
• Other Architectural qualifications (ITIL, TMF, COBIT) will be an advantage

Experience:

• 5 - 6 years’ of relevant work experience in IT / Core Networks/ Cloud technologies.
• A deep understanding of the Information Technology environment of a Telecom company or ISP
• Experience in designing and implementing organization wide network security policies, capabilities and features.
• Experience in managing and implementing large scale Network security projects
• Worked across diverse cultures and geographies; Pan Africa multi-cultural experience is advantageous

Functional Knowledge: 

• Knowledge of technical security disciplines, specifically around security architecture, engineering, and solution delivery
• Knowledge and experience across security products, tools, and industry trends: e.g. Mobile Network Security, Hardware Configuration, Network Protocols, Networking Standards, Windows, Linux and Unix operating systems, Application Security, Data Security, Application integration and Infrastructure Security, Security Frameworks (ISO27001, COBIT, NIST etc.), security attacks pathologies, wired and wireless security, and cyber laws and ethics
• Security protocols, communication protocols, cryptography, authentication and authorisation across mobile networks and systems
• Implementation of multi-factor authentication, single sign-on, identity management or related technologies
• Working knowledge of current security risks, risk management and assessments
• Deep understanding of the MTN business and technology strategy 

Skills

• Strong Analytics/data interpretation and presentation skills
• Learning and self-development
• Detail orientation and high standards on work performed
• Continuous improvement
• Analytical thinking / Strategic thinking
• Negotiation skills
• Teamwork
• Interpersonal skills
• Conflict management and problem solving
• Ability to cope with stress
• Presentation and facilitation
• Ability to exercise patience
• Ability to deal with change and fast pace

Behavioural Qualities

• Analytical, organised and methodical
• Operationally astute, proactive, detail-oriented
• Results drive team player