Executive - Information Security (Group Technology) MTN MTN is Africa’s largest mobile network operator, sharing the benefits of a modern connected life with 272m customers in 19 markets across Africa and Middle East View company page The Executive: Information Security’s core purpose is to develop, implement and maintain the Information Security Management System Framework across the MTN Group to ensure information assets and technologies are safeguarded.The Executive: Information Security contributes to strategy development and manages the execution and implementation of strategic initiatives through working with and across functions, multiple processes, discipline technologies, products, teams and customers.PurposeMTN is an emerging market mobile operator at the forefront of technological and digital changes. We deliver a bold, new digital world to our customers across Africa and the Middle East – one of the world’s fastest-growing regions for mobile telecommunications. We believe everyone deserves the benefits of a modern connected life.With the changing global business landscape, cyber risks organisations face are on the rise. If these cyber risks are not correctly managed, new vulnerabilities could compromise customer data confidentiality, integrity and availability, ultimately affecting the performance of networks and information systems.Operational and commercial excellence has become critical for success. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which MTN operates. The Group’s Information Security function must therefore ensure the successful delivery in context of:Rapidly changing ICT environmentThe geographic complexity of MTN’s foot print across Africa and the Middle EastManagement of executive and local shareholder expectations across all OpCos and PlatformCos.Achievement of top quartile operating efficiency and effectiveness through scale and common processesDriving growth through business intelligence and standardization to maximize business impactManagement of customer and supplier expectationsEnhance MTN position as a leading network, system and platform providerConstant dynamics and local challenges in the economic, regulatory and legal environmentsValuesWe at MTN are a purpose and value-led organization. At MTN, we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, everyday. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood and empowered to live an inspired life.Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us.Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.Lead with CareCan-do with IntegrityCollaborate with AgilityServe with RespectAct with InclusionKey Performance AreasGovernanceStrategic MeetingsChair the Group Information Security ForumCo-Chair the Group Technology and Security Governance CouncilRepresent Group Security at various governance forums, including but not limited to Group GOC, Group ERMCO, Fintech TSCG, Fintech ERMCO, AI SteercoInitiate and hold strategic meetings, ensure relevant participation and provide direction for the various discussions;Drive adequate risk mitigation and controls;Ensure Approval on new initiatives;Review and finalise objectives, targets and budgets;Authorise and / or secure relevant budget for internal projects;Authorise and / secure authorisation for proposals on change initiatives;Attend tactical meetings on a needs basis; andEvaluate areas of improvement across people, process and technology.EscalationsManage and resolve issues that will result in severe time, scope, productivity and cost or resource impact; andResolve and provide guidance to issues escalated.TacticalOversee all projects and initiatives that are aligned to strategic imperatives;Review key risks, issues and dependencies and set mitigation actions; andSign-off / make decisions regarding tactical changes.PerformanceMonitor and ensure alignment with MTN global strategy and per industry best practices;Review performance against agreed Key Performance Indicators (KPIs)Ensure provision of appropriate support to commercial functions; andEvaluate plans for continuous improvement.ReportingReport on a monthly basis to Group Chief Technology and Information Officer relating to progress made within the division and in accordance with the measurement metrics set by the organisation.Report on monthly basis to the Group Chief Business Risk officer of any risks identified.Report the operational security status across the Group (including Opcos and PlatformCos) on a weekly basis to the relevant organisation stakeholders across Group, Opcos and PlatformCosPerform on an adhoc basis on specific projects, as required.BudgetsOversee divisional budgets in line with business objectives and facilitate forecasting;Oversee project initiative budgets in line with business objectives; andDrive initiatives that will ensure that the “cost of operations” are reduced, in line with a least cost operating strategy stemming from the business drivers.Contribute the OpCos and PlatformCos security budget guidelines to the overall technology budget guidelinesOperational DeliveryDevelop and implement the overall information security framework and strategy, overarched by the business risk strategy, ensuring the effective implementation and adherence across all the business;Drive the development and implementation of the requisite information security policies, procedures, guidelines and standards;Ensure that the security requirements for new information processing facilities have been identified and approved;Ensure that functional and technical security architectures are defined for the security of IT and telecom network infrastructure and monitor compliance thereof;Ensure that the technology architecture is effective to manage threats and re-architecture (if required) to ensure consolidation of systems, vendors, processes and procedures;Ensure that the information security policies, procedures, standards and guidelines for use throughout MTN are reviewed yearly and updated in a timely manner to accommodate changes in the Technology or business environment;Facilitate information security risk assessments in OPCOs and PlatformCOs to ensure threats are managed.Identify emerging information security trends in the telecom industry and engage the MTN stakeholders to ensure that threats are managed;Define and communicate to management, the key threats to the information assets at various point of time;Encourage the participation of the managers, auditors, legal department and the staff members from various functions, who can contribute to compliance with the information security practices;Oversee (or assist, if required) the investigation of security threats or other attacks on the information assets at OPCOs and PlatformCOs;Ensure the maintenance and review of all critical incidents that have occurred and the corresponding resolution timeframe and inform the Executive Committee;Liaise with OPCO and PlatformCO to set up an Information security education and awareness program at the OPCO and PlatformCO level;Liaise with external entities - cyber security team and law enforcement – agencies, in case of an escalated security breach;Implementing cyber security management and driving the engagement across the MTN footprint;Engage the Business Risk and Audit teams to ensure alignment of security processes against business risk;Reporting at operations and audit committee and managing the actionable outcomes related to security.Managerial / Supervisory ResponsibilitiesSet overall direction for the division;Provide guidance and leadership ensuring future focus and current efficiency;Coach and mentor direct reports to ensure staff motivation is high;Ensure adequate succession planning and that succession plans that are in place are achieved;Ensure skill transfer for staff development, motivation and business continuity;Ensure the team is led, motivated and rewarded to achieve high performance areas;Ensure assigned team is led, motivated and rewarded to achieve KPAs;Ensure the effective management of diversity among personnel in the division;Identify staff training and development needs and implement necessary actions;Manage team (including recruitment, on-boarding, attrition);Set goals and objectives for direct reports, monitor progress and maintain motivation;Provide career development for direct reports (counselling, coaching, identifying key performance areas, career planning and goal setting);Set up appropriate structure to meet departmental management objectives; andProvide an advisory function on governance and best practices in client experience.Responsibility towards:Key external stakeholders:External AuditorsPartnersLaw enforcement agenciesGSMAKey internal stakeholders:Group ExcoOpco and PlatformCo CEO’sGovernance ForumsAudit CommitteeInternal AuditorsGroup Privacy OfficeBusiness RiskComplianceInformation TechnologyGroup CTIOGroup Information Security TeamOpCo and PlatformCo Information Security Heads/ CIOs/ CTOsEducation:4 year Engineering/ Information Science DegreeMasters in Information Science is preferredCISSP certificationOther preferred certifications are: CISA CISM, CBCP, ISO 27001, Lead Auditor or Lead ImplementerExperience:12 - 15 years of relevant work experience in Information Technology (specifically security)5-8 years of experience at the Senior Management level in the telecom industry5-8 years working experience in managing information security in a large organisationExperience in designing and implementing organisation wide information security governance, management, risk, operational and reporting frameworksExperience in managing and implementing large scale information security projectsExperience in Governance, Enterprise Risk Management and Compliance, and security resilienceExperience in Security Operations, Security Architecture, Cloud Security and Threat IntelligenceExperience in Telco and core network securityExperience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challengesAdvanced working understanding of the information technology environment of a telecom companyOther:Telecommunications industry experienceGlobal mindset to service worldwide operationsPan Africa and Middle East multi-cultural experienceMulti-country operations oversight experienceWilling and flexible to travel within Africa and Middle EastUnderstanding of general regulatory requirements in the telecom industryKnowledge:Complex structuresOperational managementMarketing best practices and trendsICT industry and benchmarking practicesBusiness Performance ManagementResource ManagementCustomer SatisfactionSkills:AnalyticalConflict managementData interpretationDealing with ambiguityDealing with complexityLeadershipNegotiationNumericalBehavioural QualitiesValue CreatorCulture and Change TranslatorStakeholder InfluencerExecuterAbility to operate under extreme pressureResults AchieverWe are a purpose and value-led organization.At MTN, we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work,everyday. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood and empowered to live an inspired life.Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drivesmeaningfulresults. A workplace that is built on relationships and achieving a purpose that is bigger than us. This is what we want you to experience with us!Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.We are delighted that you are considering usas your career partner to make a mark in the world.We look forward to your application!Explore more InfoSec / Cybersecurity career opportunitiesFind even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.#J-18808-Ljbffr