Senior Specialist: Network Security at MTN

Mission/ Core purpose of the Job

The Senior Specialist Network Security is responsible for delivering technical security solution designs, technical reference architecture designs, and technical security configuration standards for the MTN Legacy and Cloud technology stacks. This includes third-party interfaces, the internal core network interfaces as well as capabilities across different service models of the cloud (SaaS, PaaS, IaaS). The focus will be given to integrating, securing, isolating and protecting applications migrated into the Cloud environment.

Key Performance Areas: Core, essential responsibilities / outputs of the position (KPA's)

The Network Security Senior Specialist will be accountable to achieve the following objectives:

• Develop and design Cloud Security Architectures (e.g., people, processes, technology);
• Responsible for the implementation of technical architectures for group wide risk mitigation of key risk areas on MTN Cloud and legacy Solution Stack, including security monitoring, cloud security assurance, group policy and vulnerability management.
• Assist OPCOs with cloud and legacy technical security solution designs and implementation
• Determine a holistic view of technical security requirements on Cloud Solution Stack by evaluating current security operations and requirements; researching security standards; studying architecture/platform; identifying integration issues and preparing cost estimates.
• Evaluate integration points to ensure they provide adequate protection for the processing, transmission, and storage of transactions.
• Ensure a standardized and aligned approach driven from Group Information Security for security architecture across the MTN footprint.
• Assist Senior Management to develop and implement the overall cloud security architecture requirements and framework, overarched by the business risk strategy.
• Responsible for the development and implementation of the cloud security architecture roll-out definition and actualization via third parties.
• Roadmap definitions for cloud security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
• Responsible for the implementation and ongoing compliance of key Cloud Security Solutions
• Responsible for the implementation of Cloud Firewalls, WAFs, IPS, Network Segmentation tools and related process controls to address Network Security in the cloud and Shadow IT risks, in cooperation with the Cyber Defense, GRC and programs teams.
• Perform best-practices risk assessment and Security Quality Assurance of the MTN Cloud Platforms in co-operation with the Governance Risk and Compliance teams.
• Assist with management of divisional budgets in line with business objectives and facilitate forecasting.
• Manage project initiative budgets in line with business objectives; and
• Drive initiatives that will ensure that the “cost of operations” are reduced, in line with a least cost operating strategy stemming from the business drivers.

Role Dependencies

• Active support from the Group CTIO; Executive: Information Security
• OPCO LISO’s, Regional Coordinators, Governance Forums, Audit Committee, Internal Auditors, Business Risk, Compliance
• Deep understanding of the MTN business strategy
• Understanding of the OPCO technology, business and regulatory context
• Timely decision making and reporting
• Alignment of OPCO and Group strategy initiatives

Education:

• 4 year Engineering/ Information Science Degree
• Masters in Information Science is preferred

Experience:

• 5-8 years of relevant work experience in IT Security /Core Network/ IP Networks/ Cloud technologies.
• Experience in designing and implementing organization wide network security policies and features in the Telco environment.
• Experience in managing and implementing large scale network security projects. Implementation of proactive measurements against new threats.
• Experience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges
• Advanced working understanding of the Information Technology environment of a mobile network operator.
• Experience in working across diverse cultures and geographies (advantageous)
• Experience working in a medium to large ICT / Telecommunications organisation
• A wide understanding of Security applications and capabilities is required to ensure secure deployment and operations of MTN key applications.
• A mature understanding of the Hybrid cloud environment is required in order to support the legacy and cloud technology stacks and provide strategic guidance to the MTN OPCOs.