Job Summary

• The successful candidate will join our team as the Information Security Officer in the IT Department.
• This position reports to the Chief Information Officer and is responsible for managing and overseeing the organization’s information security strategy, ensuring that data and systems are protected from both internal and external threats. The Information Security Officer will act as a liaison between executive management and the Information Security program.
• Additionally, (s)he will work closely with key business stakeholders to address information protection needs while maintaining a comprehensive global information security program to ensure that information assets are adequately safeguarded.

Key Responsibilities

• Establish operational and capital budgets to address the needs of various areas of the IT department.
• Coordinate the selection, implementation, and upgrade of the business’s software/applications and services.
• Develop and implement a business recovery strategy for the IT department.
• Establish security architecture and implements procedures and controls to ensure information and data are secured and in compliance with the security and storage regulations of the business.
• Lead the team in the analysis, enhancement, and tailor current practices and existing systems to increase operating efficiencies as well as reduce costs within the business.
• Ensure consistency and maintainability of existing infrastructure environments with well-documented standards and procedures for the implementation of technical solutions.
• Ensure adherence to the overall financial objectives of the business and track the annual departmental expenditures.
• Responsible for business backups ensures that critical data is securely backed up, properly managed, and readily accessible during emergencies, while also meeting regulatory requirements for data protection and business continuity.
• Accountable for all IS activities in his operation’s business units, including BCM.
• Exercise oversight to the IS program within the business, including framework, policies, standards, and related reporting.
• Assist in the implementation of AT IS Standards at the business level to ensure procedures and practices comply with those standards.
• Establish relationships and interact regularly with employees and business management on the IS program, policies and standards.
• Influence behavior through constant communication educating and advising the business on IS practices and requirements.
• Provide general IS consulting services including interpretation and/or clarification of AT IS Standard and IS best practices and is consulted as a subject matter expert for IS topics.
• Ensure that the IS Training & Awareness activities are performed as per AT IS Standard requirements.
• Ensure Information Owners periodically review their Asset Classification.
• Leverage the ISO network to have access to resources, seek out best practices, and create efficiencies.
• Participate in the IS community on committees and cross-business / functional opportunities to provide adequate representation for IS aspects, e.g., Security Committee.
• Manage allocation of Information Security staff according to business requirements.
• Manage talent including recruitment, development, training and retention of key staff in accordance with AT’s Strategic Plan and Human Resources policies.
• Develop and maintain a viable succession plan.

Consumer And Business Services Delivery & Network, Platforms, Billing & Facilities

• Ensure that IS risk is managed during the development of new products and applications, and that risks are mitigated during the products and systems development process. Ensure that the Application IS review process is executed in accordance with the Secure SDLC (Secure System Development Life cycle) process, to ensure that applications appropriately protect the confidentiality and integrity of business information stored and processed by them.
• Ensure that secure configurations are defined and implemented, leveraging technical knowledge and problem-solving skills in the network, database, server and desktop technology areas. Ensure that the Infrastructure IS Review process is executed in accordance with the IS Standard.
• Participate in the definition and implementation of procedures according to corporate guidelines and standards.
• Demonstrate knowledge of Intrusion Detection Systems as well as a thorough knowledge of server and desktop configurations as they relate to system security.
• Participate in the evaluation and selection of applications and systems with specific focus on IS implications.
• Participate in the planning and implementation of IS administration for IT/Network projects.
• Ensure that technical controls are embedded in day-to-day operations and that remediation of non-compliance is documented and addressed.
• Assist the system development and infrastructure/network/application units to identify IS risks and controls for the development of products and systems.
• Guides the business to ensure that IS risks, controls, and tests are embedded in the IS Risk Self-Assessment.
• Monitors that Vulnerability Assessments (ethical hacks) are performed as required in the IS Standards, ensuring that issues are addressed in a timely manner, for the applications and infrastructure, including those that are not managed by AT’s technology groups, e.g., vendor-managed, vendor-hosted, cloud computing providers.
• Lead IS incidents response activities by helps security incident response teams resolve and close the investigation of incidents with proactive suggestions.

Technical and Business Strategy

• Ensure that all IT and Network controls comply with industry regulations and internal policies. Coordinate and oversee the IS, Compliance and Business Continuity activities.
• Must prepare for and manage internal and external audits related to IT/Network controls, ensuring that all required documentation and procedures are in place.
• Must ensure continuously monitoring of IT systems to ensure ongoing compliance with security policies and procedures. Have broad understanding of Identity Access Management, Threat and Vulnerability Management, Information Security Architecture, and Data Protection.
• Ensure alignment of IS program with business strategy.
• Plan and execute the IS strategy for his operation. Coordinates IS activities with business plans.
• Drive constructive procedural changes to ensure effective risk-based implementation of IS requirements.
• Summarize the IS status to the managers in business terms.
• Articulate the value of IS controls and its bottom-line impact.
• Work with the business to interpret and translate specific IS business requirements into technical requirements.
• Establish and maintain relationships with domain architects, developers, project managers, system administrators and others within the Factory group.
• Drive recommendations for new or emerging IS technologies in response to organizational needs at the local level.
• Guide the business and technical units in the implementation of approved security tools and continuously identify innovative and enhanced security solutions / emerging technologies for the ‘Security Component Evaluation Task Force’ review and certification.

Strategic Quality

• Ensure that IS characteristics are included as part of the quality framework in all product development.
• Procurement & Supply Chain
• Support the business by reviewing contract language as it relates to IS.
• Engage with Supply Chain Management to ensure that IS requirements are included in Requests for Proposals and in vendor contracts.
• Ensure that the Third Party IS Assessment is performed.

Profitability & Cost Control

• Ensure the Operations include the global guidelines and priorities in the IS Budget exercise.
• Deliver in a timely and cost-effective manner all CAPEX commitments
• Constantly control and optimize OPEX by leading the preparation and execution of an annual actionable cost savings plan as part of the budget

Risk Management, Processes And Controls

• Lead the implementation of the AT Information Security framework, including BCM and DRP frameworks.
• Perform IS Risk Management for the business units’ processes, applications and supporting technology infrastructure. Ensure IS Risk Assessment is performed according to AT standards by partnering with the businesses throughout the Risk Assessment process and determine the impact of control deficiencies.
• Manage risk by analyzing the root cause of issues, impact to business, and required corrective actions by leveraging analytical skills.
• Proactively manages risk and control through the identification, escalation, and solution development for compliance and audit issues including direct interaction and coordination with Internal Control officers and Internal Auditors.
• Develop corrective action plans for all IS-related gaps and approves all closures by reviewing evidence to ensure the closure meets AT requirements or industry best practices.
• Review status of IS program and oversees corrective action when necessary.
• Identify the need for and develop new and improved technical procedures and process control manuals.
• Provide periodic IS risk management reports highlighting key issues and corrective action plans.
• Partner with business coordinators in other disciplines, e.g., Internal Audit, Revenue Assurance, Process Management, Records Management, etc.

Key Performance Indicators (Kpis):

• Make sure all AT standard security and procedure are followed
• 95% success rate of audit
• Must manage Vulnerability.
• Adherence to internal and external regulatory requirements
• Security awareness and training
• Ensure business continuity and disaster Recovery
• Alerting unauthorized access to vital systems within SLA

Location: Accra

How To Apply For The Job

Interested and qualified applicants should send their Applications & Curriculum Vitae to:

Recruitment@ppl.net.gh

Kindly indicate the role you are applying for in the email subject.

Closing Date: 17 May, 2025

Ready to be part of our dynamic and innovative team? At AT, we enhance the value of our employees by providing long-term growth and opportunities in an ever-evolving work environment. Our values are at the core of what we do and represents who we are, Simplicity, Transparency and Relevance. Initiate your journey to be part of our world-class team and experience a rewarding career.