Responsibilities
The Specialist – Risk and Compliance is responsible across the following below areas:
Role Management
- Manages that role build/amendments encompass the principles of least privilege access, Segregation of Duties (SoD) and ensure safeguarding of the GT in collaboration with Functional Process Owners
- Manages role master maintenance is performed on a regular basis with global process leads
- Drive the risk and impact assessment process for solution changes to the roles, process, affected users and potential impacts on defined risks
Access Certifications
- Performs the planning and execution of access certifications in collaboration with OPCO’s/GPL’s
- Provides regular updates and analysis of access certifications
- Executes the removal of access, as outcome of the certification process
Incident and request management, and coordination and oversight on third-level and fourth-level resolution:
- Resolve incidents and requests raised by the users in a timeous manner for the provisioning of users, by acting as first-level of support and safeguarding MTN BOOST Global Template (GT)
- Engage with relevant stakeholders constantly to quickly and accurately identify the root cause of issues or problems to minimise delays/slippages and create Frequently Asked Questions (FAQ) document to address recurring issues
- Escalate issues that may result in considerable time, scope, employee/client, or cost impact according to established governance structures
- Ensure smooth running of day-to-day operations and user support
- Triage incidents and requests, and escalate to the third-level support performed by support service provider
- Coordinate timeous resolution of incidents and requests raised with support service provider
- Identify opportunities for achieving operational efficiencies through continuous improvement activities
- Conduct research and trend analysis to support strategic initiatives
User manual updates:
Update, review and change control management of the following user manuals:
- Role management
- Access Certification
Release management:
- Review new features (both Enabled and Disabled) which are required for MTN
- Resolve conflict arising from various impacts
- Review the demand requests generated for releases with high impact
- Manage role definition documentation post release
Demand management:
- Validate demand requests raised by OpCos and/or Group Functions and assess their impact on other functional domains
- Prioritise and identify demands to be implemented in collaboration with Portfolio Manager, Project Management Office (PMO)
- Provide oversight across major demands and deployments, and resolve any conflicts raised by Global SME
Compliance management:
- Provide input as required for internal and external audits and review of risks and controls
- Provide inputs as required to support implementation of corrective actions based on audit findings and policy changes
Information Technology General Controls (ITGC’s):
- Providing assurance partners with evidence of ITGC’s execution
Contracting, recharge model, budget cycle, business, and financial cycle including Talent and Performance Management (TPM):
- Support the GRC team, to provide domain specific inputs to Financial Operations team
- Provide inputs to the budget planning activities as required
- Focus on self-development by taking relevant trainings
Governance forums, integration, and oversight reporting:
- Provide data and inputs to various reports to be presented at MTN group governance forums, MTN BOOST Lead steercos, OpCos and partner governance forums
- Participate in governance forums for timely feedback (if and when requested)
- Foster strong relationship with respective OpCos and MTN group function (stakeholder accountable for the function) to drive the GRC objectives.
Qualifications
Education:
- Minimum of 3-year tertiary diploma in IT, Finance, or Risk Management or equivalent Oracle Risk Management certification (preferred)
- Fluent in English with the ability to communicate and describe complex technical solutions in easy-to-understand concepts
Experience:
- Minimum of 2 years’ experience in access certification and role management as an area of specialisation
- Experience in Telecom / Finance / Insurance industry (preferred) or an equivalent multi-national organisation with extensive geographic footprint (Preferred)
- Experience working in diverse cultures and geographies (Advantageous)
- Large ERP Experience (preferred)
- Cloud experience (preferred) – includes experience in small scale Software as a Service (SaaS) solution with hybrid or private data centre deployments
Competencies:
Functional Knowledge:
- Functional process understanding (Proficient)
- Training (Proficient)
- Cross functional understanding (Intermediate)
- MTN policies and procedures understanding (Proficient)
- Continuous improvement (Intermediate)
Technical skills
- Application management (Proficient)
- Data analytics (Proficient)
- Testing management (Intermediate)
- Infrastructure and platforms management (Basic)
- Data management (Intermediate)
Leadership Qualities
- Strategic planning (Basic)
- Stakeholder management (Proficient)
- People development (Intermediate)
- Innovation (Intermediate)
Behavioural Qualities
- Collaboration (Proficient)
- Critical thinking and problem solving (Proficient)
- Communication (Proficient)
- Accountability (Proficient)
- Adaptability (Intermediate)
Responsibility towards:
Key external stakeholders:
- 3rd party vendors
- External audit team
Key internal stakeholders:
- MTN OpCo SMEs/ Process Leads (PLs) (First-level of support)
- MTN OpCo user
- MTN governance councils (IT Design Council (ITDC)/ Change Control Board (CCB)/ any others)
- Global Process Sponsor (GPS) (Global function)
- MTN Group Information Security (GIS)
- MTN Group Risk and Compliance (GRC)
- MTN BOOST Project Management Office (PMO)
- MTN BOOST Global Process Owners (GPO)/ Global Process Lead (GPL)
- MTN BOOST SME (Second-level of support across other areas)
- Internal audit team
Gmail
Yahoomail