Manager: Cyber Defence at MTN

Mission/ Core purpose of the Job

The Manager: Cyber Defence is responsible for overseeing the Cyber Defence operations. The role engages with key business and operational partners in managing the detection, response, and remediation of cyber related attacks on Group Finco’s network and its systems while contributing and delivering services and projects that support the strategy, priorities and objectives of the organisation. The incumbent will be responsible for continuously performing specialised threat hunting and taking the lead during incident investigation to drive speedy resolution to minimise potential data leakage and financial loss to Group Finco.

Key Performance Areas: Core, essential responsibilities / outputs of the position (KPA's)

Strategy Development and Implementation

• Provide reports and analysis to support and contribute to the development of the functional strategy in line with the overarching business goals
• Ensure accurate and timely reporting to enable the regular review of the functional strategy, roadmap and performance to ensure its alignment with the changing dynamics of the internal and external ecosystem

 Operational Delivery

• Manage Security Operations, third party services and Group Finco cyber defence services, ensure SLAs are met and monthly performance meetings are taking place
• Research and keep abreast on cyber-attacks and threats in order to continuously protect Group Finco against new types of attacks.
• Ensure incident identification, assessment, quantification, reporting, communication, and mitigation while confirming SLA compliance, process adherence, and process improvisation to achieve operational objectives
• Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring, maintaining working knowledge of cyber threat actor tactics and techniques
• Integrate standard and non-standard logs and review/ revise the processes to strengthen cyber security operations
• Lead efforts and participate in audits covering cyber defence
• Assess and develop cyber resilience roadmaps to improve Finco’s security posture by identifying security gaps to manage existing and emerging security risks
• Implement cyber threat and vulnerability management strategies and operational requirements (Cyber Defence)
• Assist to drive strategic alignment of the Group cyber incident response operations
• Develop a standardised set of responses to cyber security breaches with responses varying according to the level of cybersecurity breaches
• Establish protocols for communication within Group Finco and Finco Opcos
• Perform specialist level response to security incidents and lead Technology teams during a cyber-incident
• Revise and develop processes to strengthen the current Security Operations Framework (where required), review policies and highlight the challenges in managing SLAs
• Provide vulnerability analysis specific input to Group Finco’s information security strategy
• Develop, integrate and monitor detailed Group Finco business plans for vulnerability analysis in accordance with the frameworks, goals and targets agreed
• Organise and execute periodic vulnerability assessments and Pen Tests by applying knowledge of scanning tools and emerging risks
• Work with Group Cyber Defence to coordinate scans with all relevant Group Finco verticals, including the distribution of notices or notifications, and the management of logistical requirements
• Lead process optimisation, enhancement, efficiency and continuous improvement on initiatives and programmes within the threat and vulnerability management, as well as benchmark and analyse trends to optimise internal processes
• Track and prioritise the remediation of vulnerabilities, according to their level of criticality and their potential risk to the business of the affected asset. Report on the status of the resolution of vulnerabilities on a period basis
• Analyse and identify vulnerability analysis trends across the organisation and compile consolidated reports on the status of vulnerability analysis for regular updates to management
• Consolidate reports, dashboards, metrics and internal operations and present to Management
• Transfer knowledge of methodologies, processes and tools to relevant stakeholders (as and when required)
• Become the “go-to” specialist on all cyber resilience matters

Governance

Strategic Meetings

• Set up / participate in ad-hoc operational meetings
• Participate and provide input in strategic meetings
• Perform evaluation baseline of key performance indicators (KPIs)
• Request for relevant budget for internal projects and new initiatives
• Facilitate preparation of proposals on change initiatives, policies, and procedures

Escalations

• Manage and resolve escalations that have impact on critical path of service delivery
• Escalate issues that will result in severe time, scope, productivity, and cost or resource or reputational impact
• Manage and provide solutions to escalations that have multiple processes / functions impact on critical path of service delivery
• Manage and provide solutions through stakeholder consultation where relevant

Function Tactical

• Review all projects initiated (internal or global)
• Input on objectives, targets, and budgets for sub-function as applicable
• Action key risks, issues and dependencies and set mitigation actions
• Facilitate in sign-off / making decisions regarding tactical changes
• Performance
• Execute performance and alignment with sub-functional strategy
• Collaborate with other functions within Group Finco

Reporting

• Report on a periodic basis on progress made within the function and in accordance with the measurement metrics set by the organisation
• Report on an ad hoc basis on specific projects, as required

Job Requirements (Education, Experience and Competencies) 

Education:

• 4-year Information Technology/ Information Systems/ Business Science (or related) Degree
• Masters in Business Administration is advantageous
• CISM/ CISSP/ CEH/ GICSP certification (one of)
• Other qualifications (ITIL, COBIT) advantageous

Experience:

• 4 – 5 years’ of relevant work experience (similar to the role)
• At least 3 years’ experience within a non-traditional FinTech, Banking or Financial Services Sector
• Experience in a managerial position, preferably within FinTech
• Deep understanding of the Fintech ecosystem, players, business models and financial sector or banking industry related best practices
• Understanding emerging markets advantageous
• Experience working in a medium to large organization
• Worked across diverse cultures and geographies; Pan Africa multi-cultural experience is advantageous