MTN Mobile Money Uganda Limited is an equal opportunity employer and is seeking to recruit competent individuals to fill the following Position.

Job Title: Specialist – Cyber Security Operations

Reporting to: Manager – Information Security

Division – IT

No. of Vacancies: 1

 

Mission/ Core purpose of the Job

The Specialist Cyber Security Operations executes MTN Mobile Money Uganda’s Security & Privacy capability (managing the end-to-end of security, right from Security policy implementation to governance; Identity Management & Access Control; Security Architecture & engineering and security operations). The role works closely with the Technology team to ensure that all requisite controls are in place to protect all technology & data assets from unknown malicious attacks.

 

The Specialist Cyber Security Operations reports to Manager Information Security and is an individual contributor. The role maintains liaison with Group Fintech Technology team, MTN Group Information Security Team and GSM Opco Information Security teams as and when required

Main Job Functions:

 

Strategy Implementation

  • Abide by and execute the functional strategy cascaded by the functional lead
  • Assist in review of the functional strategy and roadmap, in collaboration with the functional lead, to ensure its alignment with the changing dynamics of the internal and external ecosystem

Governance

Strategic Meetings

  • Participate in strategic meetings, when required
  • Execute OpCo wide transformation initiatives, when required by the functional lead
  • Implement adequate risk mitigation and controls, with directions from the functional lead
  • Assist in the evaluation baseline of Service Level Agreements (SLAs) and KPIs, when required
  • Assist in the preparation of proposal on change initiatives SLA, policies, and procedures, when required

Escalations

  • Escalate issues that will result in severe time, scope, productivity, and cost or resource impact to functional lead

Function Tactical

  • Execute projects initiated in the specific sub-function
  • Abide by the established objectives, targets and budgets for the sub-function, when required
  • Document identified key risks, issues and dependencies and set mitigation actions, with guidance from the functional lead
  • Prepare documentation required for sign-off on tactical changes

Performance

  • Ensure execution in alignment with divisional strategy

Reporting

  • Report on a daily basis to the functional lead relating to progress made within the work area and in accordance with the measurement metrics set by the organisation
  • Report on an ad hoc basis on specific projects, as required

Budgets

  • Abide by function’s budgets in line with business objectives
  • Abide by project initiative budgets in line with business objectives

Operational Delivery

  • The role is accountable for the following work area outcomes:

Strategy & Analytics, Budgeting, Data and Reporting

  • Execute policies, procedures and guidelines cascaded by the functional lead and ensure compliance with the same
  • Comply with the set governance mechanisms, under supervision from the functional lead
  • Evaluate the efficiency and effectiveness of Information security strategies and propose and offer suggestions for improvements

Information Security Operations

  • Implement group security governance and security strategies, including the definition and delivery of OpCo-wide implementation plan, in accordance with group strategy, corporate governance and international security standards.
  • Ensure implementation and adherence to the Information Security standards, guidelines & processes as prescribed by MTN Group Information Security teams and Group DigiFin Information Security teams
  • Execute adoption of newly implemented security solutions to operational environment as well as in-depth security testing in order to keep security risks to the OpCo’s assets and networks / the response time to security threats at a minimum.
  • Monitor all OpCo assets and take timely action in response to fraudulent activities related to the information systems
  • Conduct regular threat monitoring and vulnerability & penetration tests to test IT security resilience. Prepare detailed reports and present to manager. Where gaps are identified, suggest possible remedial actions and suggest future proofing techniques
  • Conduct security trainings, building of a knowledge repository and distribution of security governance documents (covering end-to-end security) as part of the overall objective of promotion and ensuring awareness of security standards, policies and procedures amongst the employees
  • Support group and technology team in designing, reviewing and implementing security architecture plans and blueprints
  • Execute adapting, testing (UAT, performance, functions) and piloting of new/extended security services/systems as well as their implementation with the view to minimise the negative impact on operations
  • Support in the creation of long- and short-term implementation roadmaps to meet all identified security requirements
  • Develop business continuity and disaster recovery plans for security systems, in collaboration with the Ethics, Risk and Compliance team, so as to implement action plans that respond quickly and effectively to potential disasters
  • Execute the deployment, configuration and on-going administration of Identity management and Authentication products in the OpCo
  • Ensure that all information / data is accessed only by rightful users and no data leakage / pilferage happens in the OpCo
  • Institute mechanisms such as Single sign-on (SSO), multifactor authentication etc to ensure that proper mechanisms for preserving identity and user access is enforced
  • Lead the development and maintaining of relations with government representatives, as required
  • Where required, escalate unsolvable issues to Manager Information Security in a timeous manner
  • Other tasks and duties, as assigned

 

 

Job Requirements (Education, Experience and Competencies)

Education:

 

  • A Degree in Computer Science, Software Engineering, Information Systems, Information Technology or related field
  • Relevant post graduate qualification is an advantage

 

Experience:

  • A minimum of 2 to 3 years’ total experience in Information Security or allied field is required
  • Experience in Fintech, banking or Mobile Money is preferred
  • Experience working in a global/multinational enterprise with a good understanding emerging markets is preferred

Competencies:

Functional Knowledge:

  • IT Security assessment
  • IT Security compliance
  • Security Engineering
  • Identity & Access controls
  • Vulnerability & Penetration testing
  • Threat management
  • Privacy controls

Skills

  • Analytical thinking
  • Continuous improvement
  • Data interpretation
  • Delivery focused
  • Presentation

Relationship building

MTN Mobile Money Uganda Limited has the obligation to safeguard its employees through providing a working environment that is safe and without risk to the health of its employees. MTN has a Vaccination policy for all its employees to be fully vaccinated against Covid-19 in order to work from its offices and premises.

APPLY FOR THIS JOB >>>>>

PLEASE SHARE TO