Jobs Career Advice Signup

Send this job to a friend


Did you notice an error or suspect this job is scam? Tell us.

  • Posted: Nov 9, 2020
    Deadline: Nov 19, 2020
  • Want to get a job fast? Signup and complete your profile on MyJobMag. Employers will find you 4x faster with a complete profile. You can download your completed profile anytime
    MTN Group Limited entered the telecommunications scene at the dawn of South Africa’s democracy, in 1994. In 1998, we began our expansion by acquiring licences in Rwanda, Uganda and Swaziland. Since then, we continued to grow, with a view of bringing world-class telecommunications and digital services to markets across Africa and the Middle East. Throug...
    Read more about this company


    Consultant: Incident Management

    Mission/ Core purpose of the Job

    The Consultant: Incident Management will be responsible to manage and oversee the information security incident process across the Group and OPCOs to ensure consistent detection, diagnoses, analysis and response to security incidents within MTN and ensure minimal disruption to business and to restore normal service operations in an optimal timeframe. The Incident Management role will focus on embedding best practice processes, tools and frameworks to the Group to provide seamless customer experience (internal/ external) perspective.

    Context (Global influences, environmental / industry demands, organizational mission etc.)

    MTN is entering a new phase in its lifecycle where operational and commercial excellence has become critical for success. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which MTN operates. The Consultant Incident Management must therefore ensure the successful delivery in context of:

    • An expertise-based multicultural organisation
    • A dynamic and evolving field of Telecommunications
    • Revolutionary workforce practices which are bringing together global labour markets
    • Management of executive and local shareholder expectations across MTN and its OpCos
    • Achievement of top quartile operating efficiency and effectiveness through scale and common policies and processes
    • Dynamic legal and regulatory environment
    • Convergence in markets and exploration of non-traditional revenue streams requiring complex interpretation and structuring
    • Evolving industry sector constantly presenting new challenges and opportunities to the core businesses
    • Rapid horizontal and vertical expansion of MTN, in terms of size, products, customers and geographic distribution

    Key Performance Areas: Core, essential responsibilities / outputs of the position (KPA's)

    Strategy Development and Implementation 

    • Input Incident management protocols and governance in the creation of the overall information security strategy in line with the overarching business goals, customer needs and Group security framework.
    • Input into the effective implementation of the strategy by means of providing, incident management status, best practice sharing and portfolio with key resolutions and problem-solving capabilities.

    Operational Delivery

    • Drive improvement across the business to achieve the optimal service quality deliverables
    • Manage incident management progress and resolution
    • Conduct root-cause analysis on security incidents across the business
    • Define a problem solving database with identified incidents, share this knowledge with the OPCO staff responsible for incidents as well as the extended senior management team
    • Define touchpoints for integration of the security incident process with other organizational processes including service level management, capacity and availability management, change management, problem management, HR, Legal, Communication, crisis management, incident management, Asset and Configuration management
    • Drive synergies and operational efficiencies by proactively identifying resolutions
    • Monitoring and tracking of the incident impacts to the business operations at the OpCo’s
    • Define the incident management process and policy for information security across the business both at Group and OpCo, including definition of incidents, classification and prioritization and standard target resolution times. To be aligned with ITIL, COBIT, NIST, and/or ISO 27035 as driven by business requirements.
    • Implement an information security framework, toolkits and standards group-wide
    • Monitor incidents across the OpCo’s to define common themes and opportunities for improvement
    • Define metrics to measure the severity of the incident cases logged
    • Deliver best practice cyber-security incident management capabilities
    • Educate the business on incident management
    • Provide incident management inputs into ad-hoc projects reporting
    • Contribute to vendor relationship management, for external incidents impacting business and customers.



    • Perform root cause analysis for incident management and facilitate execution of corrective action
    • Identify potentially sensitive issues and escalate it to the appropriate level
    • Provide information on work accomplishments, problems, progress in work processes, individuals and team needs
    • Report dashboards on various performance metrics internally to Senior Management (Exco, Group Risk etc) as well as cross functional teams and externally to vendors.


    • Provide Incident Management inputs across all projects and initiatives for Group information security to ensure alignment to business & procurement needs;
    • Manage the risks, issues, dependencies and set mitigation actions


    • Coordinating the process of continuous improvement in respect to Incident Management and best practices.
    • Facilitate periodic independent assessments of the status of incidents, the incident management process and governance in the group and OpCo’s
    • Drive implementation and maintenance of incident management disciplines and controls
    • Review performance against agreed Key Performance Indicators (KPIs)
    • Ensure provision of appropriate support to commercial functions; and
    • Evaluate & Monitor incident resolution metrics and results
    • Monitor benefits realization


    • Assist the internal audit function in terms of audit planning to ensure that information security incident components are incorporated within the Audit;
    • Resolve information security audit issues and risks identified (in relation to incident management) across MTN Opco’s.

    Compliance and Reporting

    • Identification of root causes for the lack of compliance
    • Collaborate and provide incident management results and metrics for consistent reporting for operational and governance purposes; collaborate and coordinate remediation plans and activities
    • Initiate consequence management for non-compliance (internal/ external)
    • Report on challenges and risk identified to the senior management team


    • Oversee project initiative budgets in line with business objectives; and
    • Drive initiatives that will ensure that “cost of operations” are reduced, in line with a least cost operating strategy stemming from the business drivers.
    • Embed an incident management cost controls with alignment to business budgets

    Managerial / Supervisory Responsibilities

    • Deploy and redeploy resources to get the work done
    • Manage both internal and external development partners to accomplish tasks
    • Build and enforce a customer centric approach
    • Set up, direct and guide effective project teams
    • Encourage collaborative teamwork
    • Serve the OPCOs in establishing and enhancing their Incident Management capabilities
    • Identify training requirements and facilitate the training of staff (Group and Opco) in the Incident management and response disciplines (aligned to detect, respond and recover in the NIST Cyber security framework)
    • Build professionalism, loyalty and commitment to the organization
    • Communicate actively and effectively resolving any potential conflicts that may arise
    • Have the self-insight and flexibility to adapt to different situations
    • Manage boundaries that separate units in order to optimize workflow

    Job Requirements (Education, Experience and Competencies)


    • 4 year Engineering/ Information Science Degree/ Procurement
    • Masters in Information Science advantage
    • CISSP certification
    • ISO 27035 training / certification advantageous
    • Other preferred certifications are: CISA, CISM, CGEIT, CRISC, CBCP, ISO 27001 Lead Auditor or Lead Implementer
    • ITIL Certification is Advantageous


    • 5 - 8 years of relevant work experience in Information Technology (specifically security)
    • 2 - 4 years of experience at the Management level in the telecom industry
    • 2 - 4 years working experience in the management of information security incident process would be advantageous (process definition, incident response, reporting) as well as experience in using the tools necessary to execute incident response and recovery (incident triage, forensic imaging and machine examination, log extraction and review etc across multiple endpoint and server environments)
    • Experience in large scale information security projects /vendor relationships
    • Experience in Governance, Enterprise Risk Management and Compliance
    • Experience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges
    • Advanced working understanding of the information technology environment of a telecom company


    • Fluent in English
    • Multi-country operations oversight experience
    • Willing and flexible to travel within Africa and Middle East
    • Understanding of general regulatory requirements in the telecom industry as it relates to Vulnerability Analysis
    • Global mindset to service worldwide operations
    • Telecommunications industry experience would be beneficial
    • Pan Africa and Middle East multi-cultural experience would be beneficial

    Collaboration (Formal and Informal Relationships)

    Responsibility towards: 

    Key external stakeholders: External contractors & partners

    • External Auditors (Group & OPCOs)
    • Partners
    • Distributors
    • Vendors (Group & OPCOs)
    • Law enforcement agencies (Across all countries)
    • Third Parties (Group & OPCOs)
    • Legislative Bodies (Across all countries)
    • Network/Firewall/System Administrators (OPCOs)

    Key internal stakeholders:  

    • Executive GIS
    • Regional VP’s
    • OpCo Senior Management
    • Governance Forums (Group & OPCOs)
    • Audit Committee (Group & OPCOs)
    • Internal Auditors (Group & OPCOs)
    • Business Risk (Group & OPCOs)
    • Compliance (Group & OPCOs)
    • Information Technology (Group & OPCOs)
    • Cyber Security Team (Group & OPCOs)
    • Network/Firewall/System Administrators (OPCOs)

    Closing date: 16 November 2020. Late applications will not be accepted.


    Method of Application

    Interested and qualified? Go to MTN on to apply

    Learn how to get a job in any industry you want. Read 72 Hours to The Job You Love

  • Send your application

Back To Home

Career Advice

View All Career Advice

Subscribe to Job Alert


Join our happy subscribers

This website uses cookies to improve your experience. By using this site you agree to the storing of cookies on your device to enhance navigation, analyze site usage, and assist in our marketing efforts. To learn more, see our Cookie Policy. Accept and Close
Send your application through

Yahoomail Gmail Hotmail