Manager - Segregation of Duties Identity and Access Governance.Group Information Security

We at MTN are a purpose and value-led organization. At MTN, we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, everyday. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood and empowered to live an inspired life.

Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us. This is what we want you to experience with us!
Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.

Live Y’ello
•    Lead with Care
•    Can-do with Integrity
•    Collaborate with Agility
•    Serve with Respect
•    Act with Inclusion

Mission/ Core purpose of the Job

The primary function of the Manager: Identity and Access Governance is to contribute to the establishment and advancement of a dedicated Centre of Excellence (CoE) focused on Identity Access Governance (IAG) and Segregation of Duties (SOD). 
The core purpose is to effectively mitigate information security risks and minimise potential financial, operational, and reputational impact across the entire organisation. This entails unifying individuals, processes, and technology to contribute to the construct of a comprehensive group framework.

Key Performance Areas: Core, essential responsibilities/outputs of the position (KPA's)

The Manager: SOD, Identity and Access Governance will have the following responsibilities:
•    Policy and Standards Alignment:
o    Ensure alignment of SoD/ IAG processes, policies, and standards with industry good practices, regulations, and frameworks
o    Contribute to the development and maintenance of a comprehensive SoD/IAG policies and standards framework.
o    Support the regular review and update of policies to address emerging security risks and changing business needs.

•    Segregation of Duties (SoD) Management:
o    Construct and implement SoD Application Standards to ensure proper access controls and separation of duties.
o     Support risk analysis for SoD, identifying areas of vulnerability and driving the implementation of appropriate mitigation measures with the OPCOs.
o    Support the facilitation of self-assessments of SoD compliance within different departments or OPCOs and business units, tracking non-compliance and ensuring timely remediation.

•    Technology Implementation and Management:
o    Contribute to the evaluation, selection, and implementation of SoD/IAG technologies and tools that align with organisational requirements.
o    Support oversight in the integration and utilisation of SoD/IAG technologies, such as identity management and access control systems.
o    Ensure the proper configuration, integration, maintenance, and monitoring of SoD/ IAG tools and systems.
o    Collaborate with IT teams and vendors to manage IAG tools and systems lifecycle, including upgrades, patches and enhancements
o    Support the establishment of presentations to obtain approvals from appropriate internal governance forums, including Architecture, Risk and Compliance, Security, and Technology functions.

•    Communication and Training:
o    Support the development and implementation of communication strategies to promote awareness and understanding of SoD/IAG across the organisation.
o    Contribute to effective communication channels for reporting, escalation, and resolution of SoD/IAG-related issues.
o    Support training programs and awareness sessions to educate employees on SoD/IAG policies, procedures, and best practices.

•    Compliance and Audit:
o    Ensure compliance with relevant internal governance and compliance policies and standards, including Security, Risk and Compliance, and Technology
o    Ensure compliance with relevant regulations, laws, and industry standards related to SoD/IAG.
o    Support the remediation of audit findings and drive the implementation of appropriate mitigation measures with the OPCOs.

•    Performance Monitoring and Reporting:
o    Contribute to the establishment of key performance indicators (KPIs), key risk indicators (KRIs) and metrics to measure the effectiveness of SoD/IAG initiatives.
o    Monitor and analyse SoD/IAG performance data, identify trends, and provide actionable insights.
o    Generate regular reports and support executive summaries to communicate SoD/IAG performance to relevant stakeholders.

•    Stakeholder Management:
o    Collaborate with the CoE team and cross-functional teams to ensure alignment and cooperation on SoD/IAG initiatives.
o    Support management of third-party vendor contracts for SoD/IAM and SoD/IAG-related services, including negotiation and defining deliverables and performance metrics.
o    Support effective management of stakeholders at various levels within the organisation, resolving issues, addressing concerns, and proactively communicating SoD/IAG initiatives and progress.

•    Financial Management:
o    Support effective management of budgets for SoD/IAG initiatives, including cost estimation, financial planning, and expense tracking.

•    Service Level Agreements (SLAs):
o    Provide support to ensure adherence to SLAs related to SoD/IAG services.

Job Requirements (Education, Experience and Competencies)

Education:
•    Minimum of 4-year tertiary degree/diploma (Business Analytics, Information Technology, or related field) 
•    Honours advantageous
•    English, French (an advantage)

Experience:
•    2-3 years of experience at the Management level in the telecom industry
•    2-3 years of working experience in managing identity, access governance and segregation of duties in a large organisation, with a strong technical background
•    A minimum of 5 years’ experience in information security, identity and access governance (including segregation of duties), preferably in the telecom or IT industry  
•    Experience in supporting management and implementation of large-scale identity and access governance projects.
•    Experience working in Africa and have a grasp of political, social, and infrastructure challenges.
•    Working experience in the information technology environment of a telecom company 
•    Experience in managing stakeholders and third-party vendors. 

Competencies:
•    Analytical Thinking and Problem-Solving, 
•    Improvement Driver and Culture and Change Champion, 
•    Supportive Business Manager and Relationship Manager
•    Results Achiever
•    Operationally Astute

Industry Certifications:
•    Entry Certificate in Business Analysis (ECBA), IIBA CCBA, IIBA CBAP
•    Other preferred certifications are: IIBA-AAC, PMI-PBA, Six Sigma, Microsoft Certified: Data Analyst Associate, CDMP, CAP, CDA, Certified ScrumMaster, PMP, Prince2 Practitioner  
•    ITIL Certification is Advantageous
Other:
•    Regional and international travel