Manager – IS security
IT
- Reference number: MTNA-IS-28-7-2024
- Job type: Permanent
-
Kabul
Center
- Organisation Name: MTN Afghanistan
- MTN Level: 2
- Posted: 28 Jul 2024
Job requirements
Job Requirements (Education, Experience and Competencies)
Minimum Requirements
- Minimum of 4 year tertiary qualification in Information Systems or Engineering (BSc IT, Bcom IT, Diploma IT)/ Masters advantageous
- Managerial courses will be an advantage
- CISSP, CISM or equivalent Information Security qualification or relevant proven working experience
Experience:
- Manager track record of 5 years on more with at least 3 years in relevant sector / industry
- Experience in designing and implementing organization wide information security framework.
- Experience in managing and implementing information security projects.
- Exposure to managing external vendor/supplier relationships and service level agreements
- Understanding of general regulatory requirements in the telecom industry
- Advanced working understanding of the information technology environment of a telecom company.
- Experience in Governance, Enterprise Risk Management and Compliance.
- Worked across diverse cultures and geographies advantageous
Training:
- People management Skills
- Industry related seminars / conferences
- Systems training
- Telco-related training
- Presentation skills
- Communication (written and verbal)
- Negotiation
- Other IT Specific – Architecture, Networks & Storage infrastructure systems
- CISSP, CISM or equivalent Information Security qualification or relevant proven working experience
Competencies
Head – Big Picture Focus (20)
Strategy Implementers – Ensures execution of strategies through creating and implementing tactical plans for others to follow
Decisive Problem Solver – Has the mental agility to identify business challenges and explore effective solutions through effective influencing Best Practice Value Creator – Encourages commercial innovation and continuous improvement for systems, processes, products and service offerings
Heart – Emotionally Intelligent (30)
Culture and Change Champion – Role models ethical practices by living the MTN values and vital behaviours for others to follow
Guiding People Manager – Is self-aware and guides team capability development through opportunity creation for realising potential
Relationship Builder – Builds relationships across the business in order to influence decision-makers and build team credibility
Hands – Results Focused (40)
Results Achiever – Produces sustainable divisional results through ethical practices
Operationally Astute – Sets priorities, plans, organizes and co-ordinates the work of others
Job description
Job Summary
Primary Job Purpose
To implement and maintain the Information Security Management System Framework within MTN Afghanistan.
Duties & Responsibilities
Strategic Input
- Develop goals, strategies, and plans needed to achieve the portfolio’s vision and build the capabilities to enable optimal delivery with input from relevant stakeholders.
- Align planning against the strategic intent of the company with agreed business outcomes within the portfolio, relevant IT Architecture Enterprise principles, key approved decisions and enterprise-wide programs.
- Recommend strategic business opportunities to deliver medium to long-term benefit and growth to the organization and its customers.
- Ensure the enablement of a self-service philosophy.
- Influence the technology roadmap defined by Group Technology and help Enterprise Architecture within IS to define standards.
- Develop and ensure implementation of a vendor sourcing strategy to manage technical delivery of requirements into the production environments as well as support and maintenance for the production environments.
- Champion and rally the IT and Network organization around the function and educate these areas on the value of the function to enable revenue generation, cost savings and business performance measurements.
- Investigate strategic IT trends (including initiating and executing relevant proof of concepts) and provides feedback regarding the impact and alignment required.
- Conduct strategic analysis of MTN system strategies to ensure that the strategic technological direction aligns and supports MTN Group objectives.
- Translate the strategic vision into operational requirements and drive the fulfilment of these technical requirements.
Tactical Planning and Operations
- Support and pro-actively drive system optimisation research
- Influence and manage SLA’s with infrastructure support to ensure high levels of availability
- Ensure that vendor and 3rd party developers are developing applications that comply with business specifications and implemented according to approved quality standards
- Provide consultation for all applications related projects so that decisions can be made as to the most appropriate delivery methodology
- Ensure incident and problem processes are in place for collaboration with the SMC and any other Help-desks within MTN and IS
- Ensure the creation and management of proof of concept environments to assist with requirements definition
- Ensure delivery of (authorised) projects according to the prioritised project list
- Facilitate the analysis of the current business environment to detect critical deficiencies and recommend solutions for the improved uses of information technology and related solutions and applications.
- Develop and maintain strategic relationships with Vendors to ensure the enablement of MTN Strategy
- Evaluate new technologies and products to determine feasibility and desirability of incorporating their capabilities into the Company’s IS systems
- Define and establish management systems, processes, policies and procedures for effective team functioning.
- Ensure the team performs the necessary analysis, design, modelling and documentation tasks necessary to pass MTN IS governance forums
- Provide consultancy to process at a project level on application, data, security, infrastructure, testing and operational designs through interactions with IS architects, and other systems owners
- Provide high level analysis and design reviews to other teams to avoid duplication efforts in solving the same application problems within different products within MTNA
- Provide a quick reaction task force to attend to major IT incidents with a view to improving on systems design and stability
- Define and consistently apply world class standards to ensure solutions are technically sound and sustainable, aligned to IT best practice and suitable within the MTN context.
- Drive design of technology solution architectures with a 2 to 5 year horizon. Focus for both converging IT, Telco technologies and future ICT requirements
- Partner with business leaders and peer-level managers to assess the technological cost and impact of recommended changes, help clarify priorities, and coordinate cross-organizational consortia where common needs have been identified.
- Assess risks and the effects of specific requirements on other business processes and system priorities to ensure technologies are aligned with business strategic objectives
- Ensure implementation of best practices to achieve technical excellence taking cognisance of the impact these changes will have on the total organisation
- Provide strategic and operational leadership to the team, in line with business requirements, technology standards and best practices within the function.
- Engage with other operations to extract potential benefits and efficiencies achieved at a technical implementation and/or process layer.
- Refine the information, reporting, and analytical needs of the function
- Drive the adoption of the common business rules, metrics and measures and ensure that IS commitments, policies and procedures are adhered to
- Align the vision of MTNA with the strategic objectives of IS by providing technical expertise to achieve common goals
- Identify, interpret and guide future development by using the appropriate technology to provide solutions using the available technologies
- Analyze technology industry and market trends and determine potential impact upon the business services and processes
- Assume accountability of defined services across multiple system domains
- Ensure delivery of internal business as usual projects through continual identification of
- Capacity Upgrades that are required due to Network Traffic
- Software Upgrades required to ensure adherence to maintenance agreements
- Aspects of a system that have not been performing optimally that require changes to architecture
- Hardware that is reaching end of life and requires replacement
- Any PoC required to demonstrate some item of functionality to Business
- These constitute all BAU project work that needs to take place in any given year and need to be executed on time and on budget
Governance
- Create and continuously review governing principles to guide information, technology, and solution decision making for the enterprise
- Support Implementation corporate governance and ensure adherence to it
- Ensure measurement frameworks are in place to verify completeness, timeliness and accuracy of data.
- Ensure that regular audits are done to ensure that developed reporting and dashboards are utilised by the organisation. Redundant reporting and dashboards to be expired by agreed process.
- Ensure that changes to the current environment are properly documented and tested before promoting into production. Post production changes should be documented and managed.
- Support the prioritisation process to drive prioritisation of requirements and initiatives in functional areas to ensure timeous delivery of requirements
- Support Revenue Assurance functions to understand issues and resolve any revenue issues or leakage
- Create visibility of changes to core systems, data and products by informing the organisation of changes to production
- Support assessment of Portfolio maturity on an annual basis
- Influence and implement aspects of data security policies
- Key areas and critical processes must always have an up to date Policy, Processes or procedure in place such that Business risk is managed which also ensures that any ISO certifications can be maintained and ensure that the team can show evidence where these are being utilised in day to day execution of jobs functions.
- Ensure compliance to MTNA security standards
Financial
- Ensure that Budget ownership and tracking is in place in the team and that there is a method to pull this together in a central fashion for reporting
- Ensure that Yearly CAPEX Plans are put in place and that each team member provides proper input and information into these
- Compile and manage Capex and Opex budgets relating to functional activities
- Assist in the forecasting, planning and development of the portfolio’s budget and business plans for IS
- Give input into budgets that will enable delivery of area of expertise to the relevant business unit.
- Manage and optimise departmental budget, ensuring all expenditure is in line with the agreed budgets.
- Support CAPEX submissions to ensure that funds are secured.
- Ensure that Yearly CAPEX Plans are put in place and that each team member provides proper input and information into these
- Manage OPEX spend within approved annual budget
- Support the creation of the business case for initiatives and projects in functional areas
- Track infrastructure budgets related to the support of business area platforms, processes and initiatives
- Ensure that all Senior team members are engaging in Vendor Relations and find ways to Leverage the vendor as much as possible in order to manage costs and that vendors provide Quarterly reporting
- Ensure that all Senior team members are involved in Contract ownership and that they update a central location with information on what the vendor supplies and requirements on amendments needed (or on new contract) and help drive this with the IS Commercial team • Ensure that all contract follow a fixed price model and that MTN IPR is protected
Customer
- One the primary objectives is to ensure the team delivers on requirements set by the business and make sure that changes needed on platforms owned take place on time and within budget. In addition all changes must be of a high quality such that bugs are kept to a minimum to ensure smooth testing cycles
- Ensure that the team presents the following to business on a regular basis
- Underutilized capabilities of Systems o Product ideas against these capabilities
- Future Technical Landscape and how it may influence future products
Security
- Develop, publish, and maintain comprehensive company wide information privacy and security strategy, plans, policy, procedures, and guidelines.
- Develop processes and policies on chain of trust agreements, disaster recovery plans, audit and governmental compliance.
- Develop security awareness/program and act as primary control point during significant information security incidents.
- Advise Management on risk issues that are related to information security and recommend actions to support MTNA wider risk management programs.
- Monitor internal and external information security trends and convey relevant technical, operational and strategic security-related information to the management.
- Guide and prioritize MTNA investments infrastructure that impact security.
- Identify potential threats, vulnerabilities, and control techniques; and advise departmental system administrators appropriately.
- Work with MTN Internal Audit to educate various departments within the organization on information security risks in both ongoing and planned operations.
- Assist MTN units to investigate security breaches and pursue associated disciplinary/legal matters.
- Work with Internal Audit/consultants as appropriate on required security audits.
- Manage the security systems to enable the desired security posture ( anti virus, DLP, websense, Aveksa)
Project Delivery
- Develop and drive the execution of agreed projects
- Drive the implementation, tracking, monitoring and compliance of Projects
- Contract management in line with Procurement Policies
- Co-ordinate project reporting
- Ensure effective implementation of the integrated project management model
- Risk management
Business Analysis
- Perform MTNA Business Analysis in line with the methodology and guidelines
- Identify ways to fine tune policies, processes and systems in line with changing work practices
- Determine, document, and review requirements for projects within the scope of the value stream or impacting processes and systems
- Design, analyse and document workflow and make appropriate recommendations that will positively impact operational effectiveness
- Identify Business Improvement and Optimisation opportunities that will result in improvement of process performance
- Ensure that benchmarking is conducted with other companies and organizations within and outside the industry.
- Construct business cases for initiations proposed by the business. Research and consider best practice, local conditions, trends, as well as competitor activity
- Identify and implement innovative ways to use minimum resources to achieve maximum outputs
Submission Guideline
Interested Afghan Nationals can send their applications and resumes (with three valid references) by August 15, 2024.
Please mention the name of the position you are applying in your email subject line.
Applications received after the deadline and those, which do not meet the requirements mentioned above, will not be considered.
Only shortlisted candidates will be contacted for the interview (s).