Division: Information Services
Department: Enterprise Information Security and IS Governance
Location: Accra
Position: Manager, Enterprise Information Security
Level: MTN Level 3 (Manger grade)
Reports to: Senior Manager: Enterprise Information Security and IS Governance

Job Summary:

•   Responsible for developing Information Security plans, maintaining companywide Information security policy and coordinating information security efforts across the company to safeguard MTN Ghana’s information and information assets.

Job Role

•   Assist Lead Information Security Officer in implementing Information Security Management Systems (ISMS)
•   Managing and conducting penetration tests and security assessments
•   Recommending corrective actions, countermeasures and safeguards based on investigations
•   Co-ordinate with vendors to implement information security as defined by MTN across network infrastructure.
•   Perform information security risk assessment; providing detailed investigation reports and ensure that appropriate responses and actions are put in place to mitigate new risks identified.
•   Ensure that information security goals are identified, meet the organisational requirements (Legal, regulatory, business) and are integrated in the relevant processes
•   Investigate security breaches on MTN information systems thoroughly; Advise on practical security recommendations.
•   Conduct programs to maintain information security awareness.
•   Ensure that security activities are executed in compliance with the MTN Group Information Security Policy.
•   Ensure employee, contractors and third parties comply with MTN information security policies, processes and procedures.
•   Ensure that periodic information security reviews are performed to identify risks. Recommend and manage the implementation of appropriate controls to mitigate the risk.
•   Coordinating with internal functions and telecom related vendors/partners for timely resolutions of the problems.
•   Serve as an expert advisor in the development, implementation, and maintenance of information security management standards.
•   Work with Internal Audit and external consultants as appropriate on required security audits.
•   Lead the development and enforcement of information security and privacy policies in compliance with National and telecommunication regulations and standards.
•   Develop, publish, and maintain comprehensive company wide information privacy and security strategy, plans, policy, procedures, and guidelines.
•   Understand and communicate potential threats, vulnerabilities, and control techniques to departmental system administrators.
•   Assist all divisions as necessary to investigate security breaches and pursue associated disciplinary and legal matters.
•   Implement tools and techniques to ensure the safety of IT Systems and Databases.
•   Ensure that systems adequately protect the availability, integrity and confidentiality of stored information.
•   Work with BCP team to ensure test of IT Division Business Continuity plans are updated and tested periodically.
•   Monitor information security trends, internal and external and keep management informed about information security-related issues and activities affecting the organization.

Qualification Required & Experience

Education

•   A Degree in Computer Science or Information Management, or related field
•   Certified Information Systems Security Professional (CISSP)
•   Certified Information Systems Auditor (CISA).
•   Certified Information Security Manager (CISM)
•   Certified in Risk Information Systems Control (CRISC)
•   Certified Ethical Hacker (CEH)
•   Global Information Assurance Certifications

Experience

•   Minimum of 5 years’ experience in computing and information security, including experience with Internet technology and security issues.
•   Telecoms experience
•   3 years of which must have been in a supervisory role in business continuity planning, auditing, and risk management.
•   Experience with disaster recovery planning and testing, auditing, risk analysis, business resumption planning, and contingency planning.
•   Compliance and Monitoring
•   GRC experience

Competencies

Professional/Technical competencies:

•   Ability to Map Technology to information security problems.
•   Sound knowledge of LAN, WAN and internet working technology.
•   Knowledge of security areas such as Auditing, Policy, Database Security, Firewall Design and Implementation
•   Knowledge of Risk Analysis and Management
•   Vulnerability Assessments
•   Penetration Testing
•   Computer Forensic
•   Telecommunication and Network Security
•   TCP/IP
•   Compliance and Monitoring
•   Security Management Practices
•   Security Architecture and Models
•   Access Control Systems & Methodology
•   Application Development Security
•   Operations Security
•   Physical Security
•   Business Continuity Planning
•   Law, Investigations, & Ethics

Behavioural competencies:

•   Ability to manage self and team performance, good conflict management, take and manage accountability
•   Energy & Drive – Innovative, Takes initiative, result oriented and develops self consistently, Creativity and Innovation
•   Interpersonal Skills - Leadership, customer centricity, collaborative and coaches & develops direct reports
•   Personal Skills - Trustworthy, integrity and ethical in dealings
•   Operating Skills - Ability to focus on priorities and plans, manages and monitors work effectively
•   Organisational Positioning Skills - Good written, Reporting, verbal & presentation communication, commitment to the organization
•   Global thinker, Analytical thinking and Problem solving abilities.

Location: Accra

How To Apply For The Job

Interested and qualified applicants should send their Curriculum Vitae to:

MTNGhanaRecruitment@mtn.com

Kindly indicate the Position in the email subject and note that only shortlisted applicants will be
contacted.

Closing Date: 10 July, 2019