Analyst – Security Internal Control and Awareness.Technology, Douala, MTN Cameroon
Role Responsibilities/ Responsabilités du rôle
JOB DESCRIPTION
Mission/ Core purpose of the Job:
To assist in implementing the information security controls (User Access Management, Backup & Geo Red, Awareness, Secure Configurations, Logs Management, Security By Design, etc.) from operational perspective across Business & Technology functions.
RESPONSIBILITIES
Job Specifications/ Minimum & Preferred Requirements
Education / Business Degree
Minimum of 3-year degree in Computer Science, Telecommunication, Information Technology/Systems, or related field from a reputable institution.
Fluent in French and English
Work Experience
Minimum of 3 years’ experience in experience in implementing information security, with experience in supervising others
Experience working in a medium to large organization.
Experience in working in cross-functional Team or project.
Experience in coordinating and overseeing security testing procedures.
Experience in programming and administrating IT solutions is an advantage.
Experience in automating/programming some checks/controls to increase efficiency.
Training
LPI 2
CCNA Security
MCSA
Industry / Certifications
CEH
OSCP
Comptia +
Any other specifications
GIAC CIH
Competencies
Knowledge
IT & Network technology domain including application platform development, application support, infrastructure platforms, data management, database technologies, Network, Wireless security
Endpoint security (mostly desktops, mobile and laptops)
User Access Management
Disaster Recovery
Secure Configurations (CIS)
Logs Management
Data security (encryption, DRM, tokenization, compliance, data classification and policies and so forth)
Network Security Fundamentals
Security Frameworks and tools
ICT industry and benchmarking practices
System Administration Specialist (Unix, Windows)
Capacity to replay well known vulnerabilities or vulnerabilities reported by audits reports
Scripting languages like python, bash, powershell, nodejs, etc.
Application security (code review, white box testing, black box testing and all three requires different kind of skill sets
Skills
Analytical Thinker
Problem Solver
Operational Value Creator
Culture and Change Champion
Supportive People Manager
Relationship Manager
Results Achiever
Operationally Astute
Behavioral Qualities
Directs people
Detail-oriented
Manages time
Key Performance Areas
Measures (KPIs for job)
Key Job Responsibilities
Staff Leadership and Management
Ability to work in a team
Responsible for self-learning and development with guidance from the Manager
Provide information to the Manager on work accomplishments, individual / team challenges
Lead team meetings and contribute on specialist / technical areas when required
Review performance metric dashboards prepared on various performance metrics and provide input to the manager
As per business plan
Governance
Adhoc and Operational Meeting
Participate and provide inputs in operational meetings as and when required.
Set up and pilot adhoc meetings for day-to-day operational requirements as and when required
Escalations
Timely notification of escalations to the Manager
Resolve escalations as per defined escalation / resolution procedures.
Opco Operational
Participate and provide inputs in project status meetings.
Propose operational changes and provide associated user impact assessment.
Performance
Ensure effective execution of day-to-day operations at the CoE and at the Opco and resolve operational issues
Improve productivity and quality through leading practice initiatives
As per business plan
Reporting
Provide inputs to the Manager (as required) relating to progress made within the sub-division and in accordance with the measurement metrics set by the organisation
Provide reports to Group on the area covered
As per business plan
Operational Delivery
Participate in Implementing the Information Security policies, process, procedures, Cyber Security and Privacy framework, and Risk Treatments controls.
Users & Accounts Management
Perform user access reviews according to the relevant processes.
Drive the account certification process.
Perform profiles reviews according to the relevant processes.
Make awareness of User Access Management best practices.
Contribute to mature the IAM framework (PPPs, provide inputs for systems improvements)
Ensure compliance to our Segregation of Duties Standard.
Log Management
Ensure collection of all relevant logs from critical systems.
Perform log analysis & generate alerts & incidents from them.
Monitor the log management systems.
Incident Management
Deploy the necessary tools & adopt the necessary process to detect security incidents
Qualify incidents reported through various channel
Ensure incident management according to the Security Incidents procedures
Maintain stakeholder’s engagement to ensure timely incident closure.
Awareness
Ensure awareness of employees, interns and contractors at their onboarding and during their work time.
Define the yearly awareness and execute it.
Penetration test and technical audits
Establish the scope for penetration tests to be performed by partners.
Be the SPOC for partners during penetration tests and technical auditds
Engage with stakeholders to develop appropriate countermeasures and tools from penetration testing and audits results.
Ability to perform proof of concept on discovered risks and vulnerabilities
Operating the Security Operation Center
Ensure threat protection including security information and event management (SIEM), user and entity behavior analytics (UEBA), anti-virus (AV) and intrusion detection system/intrusion prevention system (IDS/IPS)
Analyze security events and alerts and recommend appropriate actions in response to information security incidents
Manage network security, intrusion detection and prevention systems (ArcSight)
Oversee/Conduct the investigation/ forensics of security breaches that occurred in MTNC environment.
Other Activities
Builds productive working relationships internally and externally.
Participates in the development of and conducts security education programs.
Frequent use of general/technical knowledge and industry/functional practices, techniques, and standards. General application of concepts and principles. Developing professional expertise.
Maintain deep understanding of information technology, networking and infrastructure, particularly as they pertain to cyber security.
Maintain security dashboard on daily and weekly basis.
Implement and upgrade security measures and controls (Access Control)
Play an active role in Disaster Recovery Tests as well as Backup & Restoration tests.
Perform any other work-related duties and responsibilities that may be assigned from time-to time by management.
Participate and facilitate the Audit process through follow up on resolution of audit findings and reporting on the outcomes.
Key Performance Indicators
% handling of Reported Incidents
MTTR of Incidents and Vulnerabilities
% Decrease in impact of security incidents
% Increase in SLA conformance
% Increase of Implemented Preventive Measures Vs identified security threats
% Decrease in Mean Time to implement security Measures
% Decrease of Security-Related Service Downtimes, Confidentiality or/and integrity violation.
% Decrease of security incidents or policy violation arising from new projects
% Increase of Third-party adherence to security policies/procedures
% Increase Employees Security Awareness
As per business plan
Role Dependencies
Work with various business units to ensure that security controls are embedded in MTN Policies and Procedures.
Work with Architects (Network & IT) and Project offices to ensure that projects deliverables match security requirements.
Work with Operational units and third parties to ensure enforcement of security controls and resolution of security Incidents.
Work with Legal, Regulation & Compliance to develop a database of related obligations.
QUALIFICATIONS
Education / Business Degree
Minimum of 3-year degree in Computer Science, Telecommunication, Information Technology/Systems, or related field from a reputable institution.
Fluent in French and English
Work Experience
Minimum of 3 years’ experience in experience in implementing information security, with experience in supervising others
Experience working in a medium to large organization
Experience in working in cross functional Team or project
Experience in coordinating and oversee security testing procedures
Experience in programming and administrating IT solutions is an advantage
Training
LPI 2
CCNA Security
MCSA
Industry / Certifications
CEH
OSCP
Comptia +
Any other specifications
GIAC CIH
Competencies
Knowledge
IT & Network technology domain including application platform development, application support, infrastructure platforms, data management, database technologies, Network, Wireless security
Endpoint security (mostly desktops, mobile and laptops)
Data security (encryption, DRM, tokenization, compliance, data classification and policies and so forth)
Network Security Fundamentals
Security Frameworks and tools
ICT industry and benchmarking practices
System Administration Specialist (Unix, Windows)
Capacity to replay well known vulnerabilities or vulnerabilities reported by audits reports
Scripting languages like ruby, python, bash, etc.
Application security (code review, white box testing, black box testing and all three requires different kind of skill sets
Skills
Analytical Thinker
Problem Solver
Operational Value Creator
Culture and Change Champion
Supportive People Manager
Relationship Manager
Results Achiever
Operationally Astute
Behavioral Qualities
Directs people
Detail-oriented
Manages time
REQUIRED SKILLS
Business Continuity Management
Endpoint Secure Configurations (EDR, CIS, Patches, etc.)
IT & Network Security Fundamentals
Information Security Awareness
Information Security Culture
Information Security Incidents Management
Logs & Events Management (SIEM)
Patch Management
Programming Skills
User Access management
ABOUT US
MTN Group Limited is a South African multinational mobile telecommunications company, operating in many African, European and Asian countries. Its head office is in Johannesburg. MTN recorded 232.6 million subscribers, making it the eighth largest mobile network operator in the world, and the largest in Africa.
With more than 17510 professionals, working in over 20 countries around the world.
MTN recruiters are always searching for brilliant candidates with an entrepreneurial spirit, looking for a work culture where innovation is the goal, hard work is expected, and creativity is rewarded. MTN employees enjoy competitive salaries, excellent health benefits, and a network of like-minded co-workers that drive innovation across the entire telecommunication industry.
ABOUT THE TEAM
The Human Resources team partners with all aspects of the organization, driving success through the effective and innovative management of people for both current and future business needs.
Key roles that the Human Resources team performs:
Executive Role: Specialists in all aspects of people management. High-level input at a strategic level into all key business decisions.
Audit Role: Ensures all areas of the organization are compliant with legal requirements AND best practice employment policies and procedures.
Facilitator Role: Close partnership to support, advise and extend the ability of all areas of the organization to meet their objectives through the implementation of highly effective employment practices in areas such as Talent Acquisition, Learning and Development, Reward systems, Performance Management, Health and Wellbeing.
Consultancy Role: Provide expert advice to the organization and it’s managers on any aspect of workforce management and employee relations and performance.
Service Role: Ensure the organization is fully aware of and is equipped to deal with developments impacting employment matters, such as changes in legislation, changes in the characteristics of the labor market.
Postuler (Apply for the job) sur son site Internet: https://ehle.fa.em2.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/job/2655/?location=Cameroon&locationId=300000000273784&locationLevel=country&mode=location
The Weekly Job Report, Le rapport de travail hebdomadaire: https://afriquejobs.com/?s=Job+Report
All companies hiring (Entreprises qui emploi au Cameroun): https://www.afriquejobs.com/2020/07/emplois-jobs-au-cameroun-liste-des.html
More jobs (Plus d\’offres d\’emploi): https://www.afriquejobs.com/
Afriquejobs.com 