Senior Manager: Technology Security Managed Services at MTN

Mission/ Core purpose of the Job: 

• Oversee and run the SA Hub security services across the various security domains required . The role provides a holistic management, governance and specialist skills to support MTN on their security needs and drive the team's performance. The role reports to the General Manager Technology Security, MTN SA

Key Performance Areas: 

• Develop goals, strategies, and plans needed to achieve the MTN Group and Spoke Opco Information Security Requirements
• Build the capabilities to enable optimal Network and IT Security; directly responsible for significantly contributing to the overall technical architecture, stability, resiliency and general health related to security solutions in the Spoke Opcos.
• Provide governance and technical leadership and guidance to Hub Specialists and business partners in Opco for monitoring, provisioning, SLA’s, development and response activities related to Hub security Services.
• Validate that security architectural standards are being met in Spoke Opco and alignment to Group Information Security and assist with the enablement of Security Architecture within Technology to define standards . 
• Drive the design, development and deployment efforts related to security architecture, scalability, availability and performance ; provide guidance and review on business and technology solutions – design phase security solution architecture and post implementation. 
• Provide on-going subject matter expert level consultation to the Hub and project and operational teams, application owners, and other technology and network teams on relevant security controls requirements.  
• Model threats and risks as well as the controls necessary to mitigate them, on both an organisational and technical level – thinking like a malicious hacker, understanding and anticipating the moves and tactics that a hacker might use to attack MTN Mobile network and systems. 
• Work closely with the teams to identify and select the right security controls to protect MTN's network & IT infrastructure, cloud and IoT solutions; define functional and non-functional security requirements and criteria to conduct technology evaluation and selection. 
• Serve as a technical lead and mentor to the Hub and team members 
• Work with the application functions, network teams and IT infrastructure teams to identify and assist with the implementation of Security policy, process, people and technology improvements. This includes the use of automation and security specific testing; Analysing and providing remediation guidance for identified weaknesses or vulnerabilities; validating and verifying remediation implementation.
• Create and continuously review governing principles to guide information, technology, and solution decision making.
• Drive the implementation of security governance and ensure adherence to it. 
• Support the prioritisation process to drive prioritisation of requirements and initiatives in functional areas to ensure timeous delivery of requirements.
• Drive assessments of security risk and audits; work with Technology Risk and Audit teams in the Opcos to review compliance and audit requirements for Information Security and ensure they are addressed.
• Foster a security-conscious culture within the Technology and Business teams.
• Forecast, plan, develop and review Hub budgets in line with MTN Group financial guidelines and requirements. 
• Publish baseline policies, manage and run governance for Information Security function for the allocated Hub and Spoke in line with Group Information Security.
• Enable training for staff on Information Security policies and procedures with Group guidance for Spoke Opco. 
• Reports to Information Security lead concerning residual risk, and other security exposures against the proposed security standards and policies including misuse of information assets and noncompliance.
• Ensure and manage wide implementation of baseline security functions and subsequently the intermediary and Enhanced capabilities.  
• Measure and report on the effectiveness of Information Security management and control activities to the GM Technology Security and the requisite governance framework.
• Report at operations and audit committees and manage the actionable outcomes related to security. 

Tactical Planning

• Manage and develop the capability of the team to deliver security services needs of MTN. 
• Partner with business leaders and peer-level managers to assess the technological cost and impact of recommended changes, help clarify priorities, and coordinate cross-organizational/ consortia where common needs have been identified.
• Assess risks and the effects of specific requirements on other business processes and system priorities to ensure security services are aligned with business strategic objectives. 
• Identify high risk/priority security areas for improvement 
• Work closely with Finance teams in MTN SA and business to ensure budgets and cost recovery procedures are in place and working effectively 
• Build a strong relationship with the business to ensure delivery
• Develop, monitor and deliver on SLAs
• Where there are challenges to perform tasks remotely, ensure the executes actions that are in line with above mentioned activities. 

Supervisory / Leadership / Managerial Complexity:  

• Recruit, develop and retain people with outstanding skills, qualifications and potential. 
• Performance management and identification of training needs. 
• Accountable for a customer-centric culture and shift to legendary service provision.
• Employee relations and collaborative teamwork. 
• Coaching and guidance of subordinates. 
• Build professionalism, loyalty and commitment to the organization. 
• Communicate actively and effectively resolving any potential conflicts that may arise. 
• Living the MTN Brand – changing and influence employees’ behaviour. 
• Clarify roles within the team to enhance collaboration and results 
• Reward practices conducive to building individuals and team confidence 
• Optimal human resource allocation / redeployment in line with strategic objectives 
• Manage conflict proactively and monitor disciplinary and grievance actions and trends 
• Team learning and knowledge sharing within team; appropriate strategic timing for people up-skilling in line with newly developed technologies and strategic practices 
• Train, motivate & develop resources 

Minimum Requirements  

Education:

• Minimum of 4 years tertiary qualification in Information Technology
• MBA or Masters advantageous
• CISSP/CISM/CEH CRISC

Experience:

• Manager with track record of at least 5 years supervisory experience. 
• At least 8 years in technical security disciplines.
• At least 3 years in telecommunications industry
• Must have a wide breadth of knowledge and experience across security products, tools, and industry trends 
• Good working knowledge of current security risks, risk management and assessments
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
• Expert knowledge of regulatory compliance requirements (PCI-DSS, ISO 27001, GDPR, etc.)
• Excellent written and verbal communication skills as well as business acumen and a commercial outlook
• Understanding of emerging markets advantageous
• Worked across diverse cultures and geographies
• Pan Africa multi-cultural experience is advantageous