Specialist, Security Operations & Risk at 9Mobile

Job Summary        

• Analyse EMTS information security environment and recommend security measures to safeguard valuable enterprise information assets.
• The role will work in close partnership with the security teams within supplier organisations, Infrastructure Operations, Network Operations and Applications teams to provide a view into the security posture of 9mobile through comprehensive security reports.
• This individual will also ensure compliance to EMTS security policies, processes and procedures.

Principal Functions        
Operational:

• Work with IT partners to ensure that 9mobile is protected from security threats and vulnerabilities by ensuring that all security management and monitoring platforms are performing optimally.
• Drive the remediation effort to closeout all audit exceptions raised by Internal Audit during any IT security audit exercises.
• Collaborate with EMTS business units and other risk management/assurance functions to identify security requirements/security risks associated with ongoing/new projects. Implement these strategies and plans to meet these requirements and plans to mitigate identified risks throughout the project life cycles.
• Perform vulnerability assessments to identify control weaknesses, assess the effectiveness of existing controls and recommend remedial action to curtail identified weaknesses
• Assess and validate information security provisions in new application developments or projects, ensuring controls are in line with corporate guidelines
• Participate in the development of information security processes and ensure that security controls and procedures in agreed service-level agreements (SLAs) are managed and maintained.
• Assist in defining security configuration baselines, drafting IT security policies and security operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
• Coordinate security investigations, forensic investigations and compliance reviews as requested by internal or external auditors.
• Provide support in implementing new or updated information security technologies.
• Research and assess new threats and security alerts and recommends remedial action.
• Responsible for the implementation of Information Security Education/Awareness strategy and the propagation of the same among all staff of 9mobile using existing communication channels or proposing new ones
• Manage technical assessments of the major information security subsystems in accordance with established policy and best practice guidelines, checking for compliance with the systems, policies, and procedures and driving remediation where non-compliance exists.
• Investigate computer security incidents, and recommend corrective actions.
• Carry out other duties as instructed by the Head, Information Risk Management.

Educational Requirements        

• First degree or equivalent in Electrical / Electronic or Telecommunication Engineering, Computer Science or Engineering or Numerate discipline.
• Four (4) to six (6) years work experience with at least 2 years experience in at least two IT disciplines, including technical infrastructure, application development, middleware, database management, and operations (as an advantage).
• Relevant Enterprise Information Security and Architecture Certifications are required e.g. CISA, CISSP, CCNA, CCSP, ITIL, CoBIT etc.
• Experience in computer forensics, information warfare, cybercrime, etc. is desirable.
• Good understanding of Information Security standards e.g. ISO27000:2005.
• Experience in Project Management and Business Process management is an added advantage.