Jobs at MTN Nigeria

Reports To: Manager - Security Governance and Assurance

Division: Information Technology

Mission:

• To be involved in all facets of Information security controls design, implementation, control assessments and optimization; implementation of ISO and NIST controls in line with the approved Cybersecurity Strategy; implementation of secure resilient technology that supports the business processes within MTN Nigeria. The position includes the development, implementation and maintenance of quality plans and procedures that allows MTNN to respond to industry standards, relevant legislation and current best practices.

Description:

• Ensure implementation of technical security standards/baselines across MTNN’s technology platforms as well as ongoing monitoring and reporting of compliance against the standards.
• Ensure the integration of the MTNN’s technology platforms into the security compliance and monitoring eco-system both at opco and Group level then regularly confirm and report on ongoing effectiveness.
• Liaise with other relevant functions to facilitate the timeous closure of incidents and vulnerabilities.
• Ensure Security controls are regularly evaluated as part of the Security Assessment program with proposed remedial actions to address noted baseline variances.
• Support the implementation of risk assessments exercises across the Information Technology function in order to trap and highlight information security weaknesses and advice on controls to mitigate those risks.
• Implement standards for testing methodologies, techniques and procedures and conduct robust quality standard programme.
• Lead IT Controls Assessments and compliance exercises.
• Support controls design for Operating systems, Applications & Database Security, implementation, assessments & reporting.
• Monitor the effective cascading of the Compliance strategy into the Compliance Monitoring business plans to ensure vertical alignment and horizontal integration with other interfacing strategies.
• Monitor compliance to Information security policies, procedures and standards via a robust information security program/plan depicting continuous planned and ad-hoc audit and review exercises.
• Liaise with other relevant functions/stakeholder to implement information security as defined by MTN Nigeria.
• Manage escalating issues (within the information security domain) along with relevant stakeholders.
• Assist relevant business owners and custodians in identifying and setting activities logs, audit trails, functional and technical requirements, and ensure adequate custody of such.
• Provide adequate support for any escalated information security issues (when needed).
• Perform Problem, Change, and Release & Configuration Management as it pertains to Information Security.                           
• Specify, assist and delegate information security system integration concepts into SDLC process.
• Drive the Automation of the Security Baseline configuration using Enterprise tools.
• Serve as an internal information security consultant to MTN and advise on trending information security technologies/related regulatory issues.

Education:

• Minimum of First Degree in Computer Science, Engineering, Information Technology/Systems or any related discipline preferred

Certifications:

• Any of Certified Information Security Manager (CISM) or Certified Information Security Systems Professional (CISSP) will be advantageous,
• A combination of Certified Information Systems Auditor (CISA) and any of Certified in Risk and Information Systems Control (CRISC) or Certified in Governance of Enterprise & IT (CGEIT), CCNA Security, CompTIA Security.

Experience:

3-7 years of work experience which includes:

• Experience working in the Information Security domain.
• Experience in the Cybersecurity Consulting, Digital Risks or Telecommunication sector is advantageous
• Proven experience in Information Security related Governance, Technology Risk Management and Compliance, ITGCs & Automated Controls.
• Experience conducting regular risk assessments to identify, evaluate, and prioritize cyber risks across the organization's systems, applications, and processes.
• Experience in Data Privacy controls including knowledge of Data Privacy regulations.
• Technical experience around Identity Access Management, Controls configuration management & automation using Puppet/Ansible/Chef, Vulnerability assessments and treatment, Technical systems baseline governance & Implementation.
• Experience in identifying requirements, developing architectures, and deploying enterprise Security architecture, ensuring that the implementation adheres to standards and best-practices.
• Knowledge of SQL is desirable – minimum Intermediate.
• Experience with database security administration tools, security assessments and secure database configuration.

go to method of application »

Reports To: Manager - Operations Charging and Subscription

Division: Information Technology

Mission

• To manage and coordinate information technology operations to ensure delivery of timely and effective IT services. 
• Responsible for investigation and analysis of user problems and application bugs and subsequent problem resolution and technical testing of patches. 

Description

• Assist in developing maintenance plans per application and carry out the maintenance of applications, re-configuring, building and testing components in accordance with OLAs and SLAs.
• Code applications in accordance with good security coding practices to ensure the application is free of most common coding vulnerabilities. 
• Create and execute/coordinate technical test plans for application change, new deployment and upgrades.
• Participate in transitions of the application or technical architecture components to the testers. 
• Fix any defects and performance problems discovered in testing.
• Monitor Service Performance to ensure maximum service availability.
• Ensure effective management of changes to minimize service disruption and maximize service availability and quality.
• Work with the Engineering and Delivery teams to ensure Quality and effective implementation of projects and changes maintaining maximum uptime of production services
• Work with other dependent teams such as Vendors, Service Management, Security team, Delivery and Engineering team, other Operations teams. 
• Provide information timely for Audits and Security requests and ensure any gaps raised are closed.
• Ensure effective access controls to supported systems.
• Regular Stakeholder Engagement to understand business drivers and ensure system availability and performance to support the business.
• Ensure Incident and Problem resolution within SLAs

Education:

• First degree in Computer Science, Information Technology or related discipline
• Fluent in English 

Experience:

3 – 7 years of experience including:

• Experience working in a medium-sized organization 
• Excellent knowledge of IT support procedures, application construction, hardware technologies, systems integration and development techniques within the Telecommunications sector