Senior Manager: Information Security Compliance at MTN

The Senior Manager: LISO Fintech is accountable for the following objectives:

•  Definition of appropriate compliance methodologies and training relating to security for FinTech requirements
• Driving the adoption of a consistent Information Security Governance framework across Fintech
• Assist the GM: Information Security Strategy and Governance to plan, manage and coordinate the implementation of information security compliance initiatives to preserve the integrity, confidentiality and availability of the Fintech environment
• Review of Fintech platforms to ensure compliance with information security policies and configuration baselines
• Work with the MTN Fintech functions and provide input and feedback on compliance against MTN Information Security Policies and Standards
• Support and monitor the resolution of information security compliance issues that will result in server time, scope, productivity and cost/ resource impact
• Provide guidance for information security compliance issues escalated
• Review key risks, issues and dependencies and set mitigation actions for compliance with Information Security policies
• Monitor the effective cascading of the Information Security strategy into the Fintech business plans to ensure vertical and horizontal integration with the Fintech Strategy
• Implement standards for testing methodologies, techniques and procedures and conduct robust compliance testing and quality standard programme
• Monitor and report to MTN leadership on the compliance of best practice and processes of the Fintech environment
• Maintain continuous oversight of collection and dissemination of any compliance monitoring, testing and compliance issues in order to provide ongoing advice and guidance to the CIO/ CTOs
• Coordinating the process of continuous improvement in respect to Information Security Compliance across MTN;
• Review performance against agreed Key Performance Indicators (KPIs) Ensure provision of appropriate support to commercial functions;
• Execute compliance assessment programs to determine information security vulnerabilities to highlight risks and compliance gaps within Fintech
• Evaluate the effectiveness of existing information security and procedures, and work with relevant stakeholders to initiate enhancements, as identified, to align to Fintech requirements
• Act as a subject matter expert for compliance issues related to information security policies and processes
• Provide input and contribution in the continuous improvement on standardisation of Fintech process to promote an improved internal control environment
• Create awareness within the Fintech business on compliance monitoring and testing programs and methodologies
• Establish training programs on compliance monitoring and testing requirements. Create awareness within the Fintech business on compliance monitoring and testing programs and methodologies
• Review the quality of Compliance Monitoring and Testing programs and continuously strive to improve their maturity
• Facilitate group-wide quality assurance testing in accordance with compliance methodologies and standards
• Report on compliance monitoring and testing results and assist with relevant Exco and Board reporting
• Provide input into strategies for ensuring future compliance and mitigation of risk within the Fintech environment
• Coordinate the process of escalating information security compliance issues with relevant stakeholders
• Support and advice the business in setting activity logs, audit trails, function and technical requirements for Fintech platforms  
• Assist in the management of information security risk assessments for Fintech
• Engage with assurance functions such as internal audit, risk and compliance management
• Facilitate and collaborate with relevant vendors/ stakeholders for vulnerability scanning and penetration testing exercises
• Proactively identify and manage potential risks relating to information security compliance requirements
• Improving the overall information security risk profile through security compliance implementation, monitoring and reporting 
• Facilitating the remediation of information security audit findings as it relates to Fintech compliance management
• Measuring and reporting on the effectiveness of Information Security compliance management and control activities

REQUIREMENTS:

Education:

•  4-year Engineering/ Information Science Degree
• Masters in Information Science is preferred

Experience:

• Minimum 10-12 years of experience in Information Technology (Specifically information security compliance management)
• 2-3 years of experience at the Senior Management level in the telecom industry
• 2-3 years of working experience in managing information security in a large organisation
• Experience in Governance, Enterprise Risk Management and Compliance
• Experience in designing and implementing an organisation-wide information security framework
• Experience in managing and/or implementing information security projects in financial services/technology
• Experience working in Africa and the Middle East and have a grasp of political, social, infrastructure and integrity challenges
• Worked across diverse cultures and geographies advantageous
• Advanced working understanding of the information technology environment of a telecom/ financial services company
•  Exposure in managing external vendor/supplier relationships and service level agreements
• Experience working in small to medium organizations
• Experience in global/multinational enterprise, coupled with working in emerging markets
• Excellent communication skills across verbal, written, and presentation and experience of presenting to senior customers

Industry/Certifications

• CISSP certification
• Other preferred certifications are: CISA, CISM, CGEIT, CRISC, CBCP, ISO 27001 Lead Auditor or Lead Implementer, ITIL, COBIT