View Jobs at MTN |
Full Time |
Lagos |
Posted 8 months ago |
We are recruiting to fill the position below:
Job Title: Specialist – Security Governance and Assurance
ADVERTISEMENT
Job Identification: 3742
Location: Ikoyi, Lagos
Job Schedule: Full time
Job Category: MTN Level 2
Reports To: Manager – Security Governance and Assurance
Division: Information Technology
Mission
- To be involved in all facets of Information security controls design, implementation, control assessments and optimization; implementation of ISO and NIST controls in line with the approved Cybersecurity Strategy; implementation of secure resilient technology that supports the business processes within MTN Nigeria.
- The position includes the development, implementation and maintenance of quality plans and procedures that allows MTNN to respond to industry standards, relevant legislation and current best practices.
Description
- Ensure implementation of technical security standards/baselines across MTNN’s technology platforms as well as ongoing monitoring and reporting of compliance against the standards.
- Ensure the integration of the MTNN’s technology platforms into the security compliance and monitoring eco-system both at opco and Group level then regularly confirm and report on ongoing effectiveness.
- Liaise with other relevant functions to facilitate the timeous closure of incidents and vulnerabilities.
- Ensure Security controls are regularly evaluated as part of the Security Assessment program with proposed remedial actions to address noted baseline variances.
- Support the implementation of risk assessments exercises across the Information Technology function in order to trap and highlight information security weaknesses and advice on controls to mitigate those risks.
- Implement standards for testing methodologies, techniques and procedures and conduct robust quality standard programme.
- Lead IT Controls Assessments and compliance exercises.
- Support controls design for Operating systems, Applications & Database Security, implementation, assessments & reporting.
- Monitor the effective cascading of the Compliance strategy into the Compliance Monitoring business plans to ensure vertical alignment and horizontal integration with other interfacing strategies.
- Monitor compliance to Information security policies, procedures and standards via a robust information security program/plan depicting continuous planned and ad-hoc audit and review exercises.
- Liaise with other relevant functions/stakeholder to implement information security as defined by MTN Nigeria.
- Manage escalating issues (within the information security domain) along with relevant stakeholders.
- Assist relevant business owners and custodians in identifying and setting activities logs, audit trails, functional and technical requirements, and ensure adequate custody of such.
- Provide adequate support for any escalated information security issues (when needed).
- Perform Problem, Change, and Release & Configuration Management as it pertains to Information Security.
- Specify, assist and delegate information security system integration concepts into SDLC process.
- Drive the Automation of the Security Baseline configuration using Enterprise tools.
- Serve as an internal information security consultant to MTN and advise on trending information security technologies/related regulatory issues.
Requirements
Education:
- Minimum of First Degree in Computer Science, Engineering, Information Technology / Systems or any related discipline preferred Certifications:
- Any of Certified Information Security Manager (CISM) or Certified Information Security Systems Professional (CISSP) will be advantageous,
- A combination of Certified Information Systems Auditor (CISA) and any of Certified in Risk and Information Systems Control (CRISC) or Certified in Governance of Enterprise & IT (CGEIT), CCNA Security, CompTIA Security.
Experience:
3-7 years of work experience which includes:
- Experience working in the Information Security domain.
- Experience in the Cybersecurity Consulting, Digital Risks or Telecommunication sector is advantageous
- Proven experience in Information Security related Governance, Technology Risk Management and Compliance, ITGCs & Automated Controls.
- Experience conducting regular risk assessments to identify, evaluate, and prioritize cyber risks across the organization’s systems, applications, and processes.
- Experience in Data Privacy controls including knowledge of Data Privacy regulations.
- Technical experience around Identity Access Management, Controls configuration management & automation using Puppet/Ansible/Chef, Vulnerability assessments and treatment, Technical systems baseline governance & Implementation.
- Experience in identifying requirements, developing architectures, and deploying enterprise Security architecture, ensuring that the implementation adheres to standards and best-practices.
- Knowledge of SQL is desirable – minimum Intermediate.
- Experience with database security administration tools, security assessments and secure database configuration.
Application Closing Date
7th February, 2024.
ADVERTISEMENT
Job Features
Job Category | Specialist - Security Governance and Assurance |
Others Also Applied For:
ADVERTISEMENT