Senior Specialist - Windows Security.Technology Information

Technical Excellence

• Design, manage and implement Microsoft information systems security architectures (e.g., people, processes, technology)
• Responsible for the risk mitigation controls of key risk areas on Microsoft platforms, including security monitoring, patching, group policy and vulnerability management
• Research, Develop and implement Microsoft technical security solution designs 
• Determine a holistic view of security requirements on Microsoft platforms by evaluating current security operations and requirements; researching information security standards; identifying integration issues and preparing cost estimates
• Manage and Evaluate outsourced / third-party Azure environments to ensure they provide adequate protection for the processing, transmission, and storage of MTN’s information
• Manage and lead the development and implementation of security standards for all components of Microsoft application stacks (OS, DB, Middleware, Web etc.)
• Ensure a standardized and aligned approach (driven from Group Information Security) for Microsoft security architecture across MTN SA. 
• Roadmap definitions for security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.

Operational Delivery

• Assist Senior Manager to develop, design and implement the overall information security architecture requirements and framework, overarched by the business risk strategy
• Work with Data Protection team to define and implement Office 365 Data leakage prevention policies for OneDrive, Exchange online and SharePoint and integration with other platforms
• Design, Configure and implement Microsoft Mobile Application/ Device management policies
• Perform best-practices risk assessments of Microsoft security stacks
• Design and consolidate disparate identity management architectures into a single identity management workflow via ADFS, Kerberos, LDAP, SAML, FIM etc. 
• Design and deploy security solutions on Azure solutions, Exchange, office 365 and hybrid Active directory
• Conduct research on security latest trends, plan and implement security solutions
• Technically manage and liaise with Systems Administrators for operational implementation of policies and security best practices
• Develop and translate the security requirements into a technical implementation plan
• Manage SLA’s and collaborate with the Client Server Team to ensure that technical plans are practical, controls are sustainable, and implementation is managed to minimize risk and adverse impact to servers, workstations and user productivity.
• Deploy and ensure adequate security standards across relevant environments
• Design and implement the infrastructure, configurations and processes to monitor security related events in the server environment
• Identify and prepare relevant information and data for reporting purposes
• Provide daily, weekly and monthly information security reports as per the business reporting requirements
• Support Business Risk Management in security related investigations 
• Develop, plan and action remedies required to prevent MTN exposure to security related threats
• Manage and perform security incident response
• Document and operationalize the processes and procedures necessary to sustain the security posture of the environment
• Conduct Research and maintain development policies to ensure security policies are up to date and cater for new technologies, including testing internal and external software development and procurement practices adhere to security protocols
• Define, develop, and implement Server and Desktop Security policies in alignment to Group Policy
• Collaborate with the Network Planning and Operations teams on shared policies
• Work with internal stakeholders to define action plans to close or mitigate findings of auditors
• Train stakeholders on security to raise the overall awareness
• Proactivity test for security related issues and propose remedial plans
• Develop, monitor and measure the deployment of security standards  
• Plan the life cycle of the security platforms 
• Conduct capacity planning - platforms are upgraded to ensure sufficient headroom 
• Propose and provide advice into the best platforms/solutions to minimise security related incidents 
• Plan the life cycle of the security platforms 
• Conduct capacity planning - platforms are upgraded to ensure sufficient headroom 
• Propose and provide advice into the best platforms/solutions to minimise security related incidents 

Managerial / Supervisory Responsibilities

The role requires Microsoft Architecture design, management and supervision of the activities of a number of Client Server Team members whose input is required before system changes can be made and / or who may implement the changes.

• Minimum of 3 years tertiary qualification (degree/ national diploma) in Information Technology/ Engineering
• CISSP, CISM, SABSA, TOGAF or equivalent Information Security qualification or relevant proven working experience 
• Unix/Microsoft certification
• Azure, Office 365 and Windows Certifications.
• Other qualifications (ITIL, TMF, COBIT) advantage

Experience:

• Minimum of 6+ years of relevant work experience in Information Security with exposure to Active Directory, Azure AD, Office 365, Operating System, Application, Database and Network security. 
• Programming experience preferable, particularly scripting. 
• Operating Systems 
• Databases Oracle, MySQL, SQL Server
• Active Directory (Security best practice, design, group policies)
• Networking, network protocols
• Unix/Linux
• Microsoft Windows Desktop and Server