Senior Specialist - Network Security Architecture at MTN

RESPONSIBILITIES

The Senior Specialist Network Security Architecture is responsible for the following deliverables

• Provide reports and analysis to support and contribute to the development of the functional strategy in line with the overarching business goals
• Ensure accurate and timely reporting to enable the regular review of the functional strategy, roadmap and performance to ensure its alignment with the changing dynamics of the internal and external ecosystem
• Provide strategic and Security Reference Architecture portfolio leadership in line with business requirements, technology standards and best practices within the function
• Align the vision of Group Information Security with the strategic objectives by providing technical security expertise to achieve strategic business goals
• Drive the adoption of the common business rules, metrics and measures and ensure that security architecture commitments, policies and procedures are adhered to 
• Facilitate the analysis of the current business environment to detect critical deficiencies and recommend solutions for the improved use of information technology, network infrastructure and related solutions and applications
• Incorporate sound architectural governance practices to optimise Group Information Security technology and Security Architecture investments (both internally owned and provided by service providers)
• Improve and refine the security architecture portfolio with regards to additional frameworks and strategies required to improve the cybersecurity posture of the MTN group
• Lead and work on highly complex projects that require in-depth domain knowledge of multiple specialized security architecture areas
• Provide on-going subject matter expert level consultation to project teams, application owners, and other technology and network teams on relevant security controls requirements
• Model threats and risks as well as the controls necessary to mitigate them, on both an organisational and technical level – thinking like a malicious hacker, understanding and anticipating the moves and tactics that a hacker might use to attack the MTN network and systems
• Work closely with the relevant MTN Group verticals to identify and select the right security technology to protect MTN’s mobile Network, Digital & IT infrastructure, cloud and IoT solutions
• Define functional and non-functional security requirements and criteria to conduct technology evaluation and selection
• Maintain a 3 - 5 years security architecture road map with budget requirements to prevent future cybersecurity attacks. Articulate the solution to senior management to receive executive buy-in
• Work with the application functions/ teams to identify and assist with the implementation of Security policy, process, people and technology improvements. This includes the use of automation and security specific testing tooling; Analysing and providing remediation guidance for identified weaknesses or vulnerabilities; validate and verify remediation implementation
• Manage and resolve escalations that have impact on critical path of service delivery
• Escalate issues that will result in severe time, scope, productivity, and cost or resource or reputational impact
• Manage and provide solutions to escalations that have multiple processes / functions impact on critical path of service delivery
• Input on objectives, targets, and budgets
• Action key cyber security risks, issues and dependencies and set mitigation actions
• Report on a periodic basis on progress made within the function and or specific projects  in accordance with the measurement metrics set by the organization
• Collaboration 

Responsibility towards: 

• Key external stakeholders: 
• External contractors & partners 
• Key internal stakeholders:   
• Group business verticals
• MTN OPCOs 
• MTN Group InfoSec team 
• Internal Auditors
• Compliance

QUALIFICATIONS

Education:

• 4-year Information Technology/ Information Systems/ Engineering (or related) Degree
• Master’s in business administration is advantageous
• CISSP/CISM/CEH/CSSP (one of)
• SABSA and/or TOGAF qualification will be an advantage
• Cloud certifications (Azure, GCP, AWS) will be an advantage
• Other Architectural qualifications (ITIL, TMF, COBIT) will be an advantage

Experience:

• 5 - 6 years’ of relevant work experience in IT / Core Networks/ Cloud technologies.
• A deep understanding of the Information Technology environment of a Telecom company or ISP
• Experience in designing and implementing organization wide network security policies, capabilities and features.
• Experience in managing and implementing large scale Network security projects
• Worked across diverse cultures and geographies; Pan Africa multi-cultural experience is advantageous

Functional Knowledge: 

• Knowledge of technical security disciplines, specifically around security architecture, engineering, and solution delivery
• Knowledge and experience across security products, tools, and industry trends: e.g. Mobile Network Security, Hardware Configuration, Network Protocols, Networking Standards, Windows, Linux and Unix operating systems, Application Security, Data Security, Application integration and Infrastructure Security, Security Frameworks (ISO27001, COBIT, NIST etc.), security attacks pathologies, wired and wireless security, and cyber laws and ethics
• Security protocols, communication protocols, cryptography, authentication and authorisation across mobile networks and systems
• Implementation of multi-factor authentication, single sign-on, identity management or related technologies
• Working knowledge of current security risks, risk management and assessments
• Deep understanding of the MTN business and technology strategy