Consultant: Security Policy and Standards - Roodepoort, South Africa - MTN Nigeria
Description
The Consultant Security Policy & Standards role will manage and oversee the GIS policy and standards relating to risks assessment and acceptance across the MTN Group.
The purpose of the job will be to drive information security governance standards and policies to internal stakeholders across the MTN business.
The incumbent will be responsible for the implementing the GIS standards as well as ensuring uptake and acceptance thereof.Moreover, the incumbent is responsible for continuously updating and measuring and reporting of compliance against the security standards and policies as well as act as a liaison for security auditing purposes.
Context
MTN is entering a new phase in its lifecycle where operational and commercial excellence has become critical for success. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which MTN operates.
The Group's CTIO function must therefore ensure the successful delivery in context of:
- Rapidly changing ICT environment
- The geographic complexity of MTN's footprint across Africa and the Middle East
- Management of executive and local shareholder expectations across all 22 OpCos
- Achievement of top quartile operating efficiency and effectiveness through scale and common processes
- Driving growth through business intelligence and standardization to maximize business impact
- Management of customer and supplier expectations
- Enhance MTN position as a leading network and system provider
- Constant dynamics and local challenges in the economic, regulatory and legal environments
Key Performance Areas
The Consultant Security Policy & Standards will be accountable for delivery on the following Key Performance Areas:
- Assist in the development and updating of the group wide Information Security Risk management standards and policies including the process to manage deviations or risk;
- Implement best in class Information Security risk management standards and practices across Telecommunications as well as ICT, and assist senior management identifying emerging trends and threats and incorporating them into MTN;
- Assist in the effective implementation of the Information Security Risk Management Frameworks
- Provide input into the development of a Risk Treatment Plan aimed at the identification and flagging of unacceptable levels of risk and the methods for mitigating such risk;
- Works with MTN business units and OPCO's and with other risk management/assurance functions to identify security requirements, using various method such as risk and business impact assessments;
- Reports to management concerning residual risk, and other security exposures against the proposed security standards and policies including misuse of information assets and noncompliance;
- Develop and maintain GIS security standards and policy documentation to be agreed upon and implemented within the business;
- Researches and assesses new threats, developments and best practice from a security standards perspectives and recommends appropriate updates to the risk acceptance and risk treatment plan;
- Raise the security awareness relating to security standards and education level of MTN employees and business partners;
- Conduct reporting relating to noncompliance or breach or security standards and policies;
- Develop a process for mitigating risk as well as for addressing noncompliance to security standards aligned to MTN's holistic risk management framework.
- Ensures that the Information Security standards and policies encompasses information privacy, information regulatory compliance, information technology controls, computer security, identity and access management and disaster recovery.
- Ensures that security standards are entrenched into projects and systems;
- Continuously evaluate and improve the vulnerability management processes and technology;
- Assists the Senior Manager in facilitating information security risk assessments in OPCOs to ensure threats are managed;
- Engage the Business Risk and Audit teams to ensure alignment of security processes against business risk;
- Work with process owners to implement GIS standards recommendations appropriate for the target maturity for their area;
- Assesses compliance to Security governance frameworks and policies;
- Facilitate internal audits and external assessments of processes and plan improvement activities accordingly;
- Review GIS process audit reports;
- Obtain reasonable assurance that GIS risk standards and policies are appropriate within the MTN's risk appetite;
- Identify high risk/priority processes for improvement;
- Obtain independent assurance over the GIS governance status including target maturity levels and related benchmarks.
- Report/escalate relevant security standards and policy noncompliance issues to Senior Management.
- Manage key security standards and risks, issues and dependencies and set mitigation actions
- Coordinating the process of
More jobs from MTN Nigeria
-
Senior Consultant: Programme Management Cameroon
Johannesburg, South Africa - 1 week ago
-
Senior Manager
Johannesburg, South Africa - 2 days ago
-
Representative - Customer
Cape Town, South Africa - 1 week ago
-
Coordinator - Company Finance
Johannesburg, South Africa - 5 days ago
-
Senior Manager
Johannesburg, South Africa - 2 days ago
-
Consultant - Od and Performance
Roodepoort, South Africa - 1 week ago