Specialist, Security Architecture, Planning, Operations & Governance at T2 (Formerly 9Mobile)

Job Summary

Analyse EMTS information security operations environment and recommend security measures to safeguard valuable enterprise information assets. The role will work in close partnership with the security teams within supplier organisations, Infrastructure Operations, Network Operations and Applications teams to provide a view into the security posture of 9mobile through comprehensive security reports. This individual will also ensure compliance to EMTS security policies, processes and procedures. The ideal candidate will possess deep expertise in network security principles, threat management, and risk assessment, contributing to the design, implementation, and maintenance of our organization's security posture

Roles and Responsibilities

Operational

• Work with various stakeholders to ensure that 9mobile is protected from security threats and vulnerabilities by ensuring that all IT and technical assets security are secure.
• Drive the remediation effort to close out all audit exceptions raised by Internal Audit during any IT security audit exercises.
• Collaborate with EMTS business units and other risk management/assurance functions to identify security requirements/security risks associated with ongoing/new projects. Implement these strategies and plans to meet these requirements and plans to mitigate identified risks throughout the project life cycles.
• Perform vulnerability assessments to identify control weaknesses, assess the effectiveness of existing controls and recommend remedial action to curtail identified weaknesses
• Assess and validate information security provisions in new application developments or projects, ensuring controls are in line with corporate guidelines
• Participate in the development of information security processes and ensure that security controls and procedures in agreed service-level agreements (SLAs) are managed and maintained.
• Assist in defining security configuration baselines, drafting IT security policies and security operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
• Monitor network traffic for suspicious activity and respond to security incidents in a timely manner.
•  Collaborate with cross-functional teams to integrate security measures into the organization's infrastructure and applications.
• Responsible for the implementation of Information Security Education/Awareness strategy and the propagation of the same among all staff of 9mobile using existing communication channels or proposing new ones
• Carry out technical assessments IT and technical assets in accordance with established policy and best practice guidelines, checking for compliance with the systems, policies, and procedures and driving remediation where non-compliance exists.
• Investigate and resolve information security incidents according to the incident response plan and within the stipulated SLAs.
• Carry out other duties as instructed by the Manager, Security Operations and Head, IT Security & Governance.

Education and Experience

• First degree or equivalent in Electrical/Electronic or Telecommunication Engineering, Computer Science or Engineering or Numerate discipline.
• Three (3) to Five (5) years’ work experience with at least 3 years’ experience in IT security operations, networking, enterprise architecture, application development, DevSecOps, IT Audit, and other closely related disciplines.
• Relevant Enterprise Information Security and Architecture Certifications are required e.g. CISA, CISSP, CCNA, CCSP, ITIL, COBIT, CCSA, CCSE, Fortinet NSE etc.
• Strong knowledge of networking protocols (TCP/IP, DNS, DHCP, etc.) and network architecture.
• Extensive experience with security tools and technologies such as firewalls, IDS/IPS, SIEM, and endpoint protection.
• Demonstrated experience in design and implementation of security architecture.
• Proficiency in scripting languages (Python, Bash, etc.) for automation and security analysis.
• Proficiency in the use of vulnerability assessment/penetration testing tools.
• Familiarity with cloud security principles and platforms (AWS, Azure, etc.) is a plus.
• Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders.
• Highly developed business communications skill (verbal and written), team player, change agent, strategic and creative, and excellent project management skills.
• Excellent problem-solving skills and ability to cope and deliver at satisfactorily high levels when under pressure.
• Exceptional analytical, quick-learning and critical thinking skills.
• Good understanding of Information Security standards and Frameworks e.g. ISO27001, NIST CSF 2.0
• Experience in Project Management and Business Process management is an added advantage