Senior Manager Information Security Strategy and Governance-MTN Group

🗏Job Type

Full Time

The Senior Manager Information Security Strategy andGovernance is responsible for Group Information Security riskand governance management strategy development and frameworks includingdeveloping and implementing appropriate policies and processes relating to MTN GroupInformation Security. The role will implement information security governanceand compliance protocols. The Senior Manager Information Security Strategy and Governance will provide industry benchmarking and trends toensure continuous alignment and staying abreast of the latest best practices.
Detailed Description
Strategy Development and Implementation
Establish group wide Information Security Risk management standards and policies including process to manage deviations or risk;
Identify best in class Information Security risk management standards and practices across Telecommunications as well as ICT, identifying emerging trends and threats and incorporating them into MTN;
Responsible for the effective implementation of the Information Security Risk Management Frameworks by means of providing direction, structure, frameworks, models, plans and roadmaps;
Ensure cross functional alignment and proper understanding of the framework

Support the Enterprise Risk Management Plan by:
Driving the adoption of a unified MTN risk management framework in support of the ERM Framework;
Maintaining an accurate view of MTN’s Group Information Security (GIS) risk tolerance;
Monitoring and reporting on the status of GIS risk mitigation processes;
Presenting a consolidated enterprise-wide GIS risk register;
Maintaining an up-to-date view of the GIS and ICT systems most critical to the realisation of MTN’s business objectives.

Source, induct and manage talent in accordance with Information Security guidelines;
Ensure open communication channels with staff and implement change management interventions where necessary;
Provide definition of roles, responsibilities, individual goals and performance objectives for the team;
Set KPIs and provide regular performance feedback through a well-defined and implemented performance review program;
Performance manage resources in accordance with HR policy and legislation where necessary;
Actively participate in leadership team and develop skills of own team; and
Promote a ‘MTN centric’ and ‘partnership approach’ to develop strong relationships with other working groups and ensure adherence to Group governance.

Governance

Escalations
Manage and resolve issues that will result in severe time, scope, productivity and cost or resource impact; and
Resolve and provide guidance to issues escalated.

Tactical
Oversee all projects and initiatives that are aligned to strategic imperatives;
Review key risks, issues and dependencies and set mitigation actions; and

Performance
Providing best practice guidance, training and support to OPCO Information Security Governance representatives;
Coordinating the process of continuous improvement in respect to Information Security Governance across MTN;
Facilitate periodic independent assessments of the status of Information Security governance in the group;
Drive adequate risk mitigation and controls;
Review performance against agreed Key Performance Indicators (KPIs) Ensure provision of appropriate support to commercial functions; and
Evaluate plans for continuous improvement.

Audit
Own the Audit management capability and relationship (IT and Security) and facilitate and standardized and effective audit process including reporting on the outcomes and status thereof;
Assist the internal audit function in terms of audit planning to ensure that information security risks are incorporated within the Audit;

Compliance and Reporting

Measuring and reporting on the effectiveness of Information Security management and control activities in governance framework and King III obligations;
Reporting at operations and audit committee and managing the actionable outcomes related to security;
Facilitate the definition and implementation of compliance control plans for legal and regulatory compliance;
Identify current and potential legal and regulatory requirements affecting information security;
Maintain and manage the information security threat and vulnerability risk register;
Report on a weekly basis to the Executive Group Information Security relating to progress made within the division and in accordance with the measurement metrics set by the organization.

Operational Delivery
Work with the GIS Senior Management Team in order to develop and implement the overall information security framework and strategy, overarched by the business risk strategy, ensuring the effective implementation and adherence across all the business;
Responsible for the development and implementation of the requisite information security policies, procedures, guidelines and standards;
Work with the Executive GIS in order to ensure that the information security policies, procedures, standards and guidelines for use throughout MTN are reviewed yearly and updated in a timely manner to accommodate changes in the Technology or business environment;
Directly responsible for facilitating information security risk assessments in OPCOs to ensure threats are managed.
Engage the Business Risk and Audit teams to ensure alignment of security processes against business risk;
Ensure and manage Third Party and OPCO wide implementation of minimum critical controls.

Job Requirements
4 year Engineering/ Information Science Degree
Masters in Information Science is preferred
10 - 12 years of relevant work experience in Information Technology (specifically security)
2-3 years of experience at the Senior Management level in the telecom industry
2-3 years working experience in managing information security in a large organisation
Experience in designing and implementing organisation wide information security framework
Experience in managing and implementing large scale information security projects
Experience in Governance, Enterprise Risk Management and Compliance
Experience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges
Advanced working understanding of the information technology environment of a telecom company

CISSP certification
Other preferred certifications are: CISA, CISM, CBCP, ISO 27001 Lead Auditor or Lead Implementer
ITIL Certification is Advantageous
Fluent in English
Telecommunications industry experience
Global mindset to service worldwide operations
Pan Africa and Middle East multi-cultural experience


Apply Here http://bit.ly/2wq41VG

Job id : , #71328, 33 views,

« Quantitative Analytics ManagerKey Account Manager Fleet at PG Glass »