Information Security Incident Manager at MTN

Job description

Join the MTN Group to experience the power of the MTN Brand across a global footprint, celebrating our diverse communities while unlocking your potential. The bold and inspiring leadership team that enables the achieving of performance excellence in the MTN way in everything we do, everywhere they go.

The role will be responsible to manage and oversee the information security incident process across the Group and OPCOs to ensure consistent detection, diagnoses, analysis and response to security incidents within MTN and ensure minimal disruption to business and to restore normal service operations in an optimal timeframe. The Incident Management role will focus on embedding best practice processes, tools and frameworks to the Group to provide seamless customer experience (internal/ external) perspective.

• Operational Delivery
• Drive improvement across the business to achieve the optimal service quality deliverables
• Manage incident management progress and resolution
• Conduct root-cause analysis on security incidents across the business
• Define a problem solving database with identified incidents, share this knowledge with the OPCO staff responsible for incidents as well as the extended senior management team
• Define touchpoints for integration of the security incident process with other organizational processes including service level management, capacity and availability management, change management, problem management, HR, Legal, Communication, crisis management, incident management, Asset and Configuration management
• Drive synergies and operational efficiencies by proactively identifying resolutions
• Monitoring and tracking of the incident impacts to the business operations at the OpCo’s
• Define the incident management process and policy for information security across the business both at Group and OpCo, including definition of incidents, classification and prioritization and standard target resolution times. To be aligned with ITIL, COBIT, NIST, and/or ISO 27035 as driven by business requirements.
• Implement an information security framework, toolkits and standards group-wide
• Monitor incidents across the OpCo’s to define common themes and opportunities for improvement
• Define metrics to measure the severity of the incident cases logged
• Deliver best practice cyber-security incident management capabilities
• Educate the business on incident management
• Provide incident management inputs into ad-hoc projects reporting
• Contribute to vendor relationship management, for external incidents impacting business and customers.

You must have the following:

Education

Minimum of 4 year Bachelor's degree in Engineering/ Information Science

Experience

• 5 - 8 years of relevant work experience in Information Technology (specifically security)
• 2 - 4 years of experience at the Management level in the telecom industry
• 2 - 4 years working experience in the management of information security incident process would be advantageous (process definition, incident response, reporting) as well as experience in using the tools necessary to execute incident response and recovery (incident triage, forensic imaging and machine examination, log extraction and review etc across multiple endpoint and server environments)
• Experience in large scale information security projects /vendor relationships
• Experience in Governance, Enterprise Risk Management and Compliance
• Experience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges
• Advanced working understanding of the information technology environment of a telecom company