Senior Manager: Technology Security Architecture at MTN

Mission/ Core purpose of the Job:

• Design and maintain an enterprise security architecture to protect the MTN Network and its systems. This involves leading a team that is responsible for defining, planning, architecting and coordinating the implementation and maintenance of information security necessary to support the MTN SA network and systems. This also includes optimisation and standardisation of information security across the enterprise, which includes the product and infrastructure lifecycle management and roadmaps across all IT infrastructure, mobile network and application platforms, including new builds for short-term renewals, medium and long term tactical and strategic plans.

Key Tasks: 

• Provide strategic and architectural leadership to the Technology Security Architecture team, in line with business requirements, technology standards and best practices within the function.
• Engage with Enterprise and Solutions Architect Teams to extract potential benefits and efficiencies achieved at a technical implementation and/or process layer.
• Align the vision of MTN with the strategic objectives of Technology business unit by providing technical security expertise to achieve common goals.
• Drive the adoption of the common business rules, metrics and measures and ensure that Technology business unit commitments, policies and procedures are adhered to 
• Facilitate the analysis of the current business environment to detect critical deficiencies and recommend solutions for the improved uses of information technology, Network infrastructure and related solutions and applications
• Incorporate sound architectural governance practices to optimise MTN’s technology investments (both internally owned and provided by service providers)
• Incorporation of sound architectural governance practices to optimise your technology investments (both internally owned and provided by the group)
• Improve and refine portfolio’s area of expertise with regards to additional frameworks and strategies required to improve the cybersecurity posture of MTN
• Responsible for leading and working on highly complex projects that requires in-depth domain knowledge of multiple specialized architecture areas; together with your team, provide on-going subject matter expert level consultation to project teams, application owners, and other technology and network teams on relevant security controls requirements.  
• Model threats and risks as well as the controls necessary to mitigate them, on both an organisational and technical level – thinking like a malicious hacker, understanding and anticipating the moves and tactics that a hacker might use to attack MTN Mobile network and systems. 
• Work closely with the Technology team to identify and select the right security technology to protect MTN's network & IT infrastructure, cloud and IoT solutions; define functional and non-functional security requirements and criteria to conduct technology evaluation and selection. 
• Serve as a technical lead and mentor to the other members of the information security team. 
• Create and maintain a 3 - 5 years security road map with budget requirements to prevent future cybersecurity attacks. Articulate the solution to senior management to receive executive buy-in. 
• Assess the maturity of security in the DevOps and define controls to improve the capability. 
• Work with the application functions/ teams to identify and assist with the implementation of Security policy, process, people and technology improvements. This includes the use of automation and security specific testing tooling; Analysing and providing remediation guidance for identified weaknesses or vulnerabilities; validate and verify remediation implementation.

Minimum Requirements

Education:

• Minimum of 4 years tertiary qualification /Masters advantageous
• CISSP/CISM/CEH
• SABSA and/or TOGAF qualification will be an advantage
• Business analysis/architecture qualifications
• Managerial courses will be an advantage
• Other Architectural qualifications (ITIL, TOGAF, TMF, COBIT) advantage
• Fluent in English

Experience:

• Manager track record of at least 5 years or more in technical security disciplines, specifically around security architecture, engineering and solution delivery with at least 3 years in telecommunications industry.
• Must have a wide breadth of knowledge and experience across security products, tools, and industry trends: e.g. Mobile Network Security, Hardware Configuration, Network Protocols, Networking Standards, Windows, Linux and Unix operating systems, Application Security, Data Security, Application integration and Infrastructure Security, Security Frameworks (ISO27001, COBIT, NIST etc.), security attacks pathologies, wired and wireless security, and cyber laws and ethics. 
• Solid understanding of security protocols, communication proptocols, cryptography, authentication and authorisation across mobile networks and systems
• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
• Good working knowledge of current security risks, risk management and assessments
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• Ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
• Expert knowledge of regulatory compliance requirements (PCI-DSS, ISO 27001, POPI, GDPR)
• Worked across diverse cultures and geographies advantageous
• Excellent written and verbal communication skills as well as business acumen and a commercial outlook