Job title : Senior Specialist - Technical Security Assurance and Service Management.Technology InformationJob Location : Gauteng, RoodepoortDeadline : February 10, 2025Quick Recommended Links Jobs by Location Job by industries Job Description Governance and Compliance: Ensure the organization adheres to ISO 27001, PCI DSS, POPIA, and other relevant standards. Implement and maintain security policies and frameworks aligned with MTN Group and regulatory requirements. Drive compliance initiatives, including audit readiness and management of exceptions or risk acceptance items. Operational Security Management: Conduct regular reviews of security posture and operational performance, presenting findings to governance committees and business units. Optimize security operations by identifying and implementing control efficiencies across all domains. Risk Management and Security Assurance: Perform risk assessments for new systems, technologies, and processes, ensuring vulnerabilities are identified and addressed. Conduct internal and third-party security assessments, driving corrective actions to mitigate risks. Manage the security compliance universe, including risk acceptance and exception tracking. Stakeholder Management and Reporting: Provide actionable and comprehensive reports to leadership, governance committees, and relevant stakeholders. Engage with business and technology teams to inform and guide on security risks, changes, and requirements. Represent Information Security in key forums, committees, and stakeholder engagements at both local and Group levels. Technology and Innovation: Oversee the implementation and adherence to Technical Security Standards across all technology platforms. Align security operations with global industry trends and advancements, ensuring the organization remains competitive and resilient. Ensure robust security management for OSS, BSS, and network platforms supporting billing, VAS, and ISP functions. Incident and Crisis Management: Coordinate and lead responses to security incidents, ensuring clear action plans and effective communication with stakeholders. Maintain incident documentation and drive continuous improvement in incident response protocols. Team Development and Retention: Mentor team members, enhancing their technical skills and professional certifications. Foster a high-performing team environment with strong retention and engagement levels. Build a pipeline of security talent to address scarce skills in a specialized environment. Security Awareness and Training: Develop and execute security awareness campaigns and training programs for internal users and clients to promote a culture of security. Measure the effectiveness of training programs through engagement levels and reductions in user-related incidents (e.g., phishing). Collaborate with business units to tailor awareness initiatives to address specific risks and challenges. Qualifications Job Requirements Education: Minimum of 3 years tertiary qualification (degree/ national diploma) in Information Technology Security certification e.g.
CISSP & CISM essential Other qualifications (ITIL, TMF, COBIT) advantage Fluent in English Experience: Min of 6 years in IT, 4 of which as an Information Security Specialist in a large enterprise environment essential Experience should ideally span multiple security domains ranging from security risk and governance, Data Loss Prevention, Authentication, Malware, Network Security, Applications and Operations Systems and Security across platform / database /network. Must have a wide breadth of knowledge and experience across security products, tools, and industry trends Knowledge of current security risks and protocols as well as good working knowledge of technical risk management and assessments ICT jobs