Specialist - Security Governance and Assurance

Education and Experience Requirements

• Minimum of First Degree in Computer Science, Engineering, Information Technology/Systems or any related discipline preferred
  
• Certifications:
  
• Any of Certified Information Security Manager (CISM) or Certified Information Security Systems Professional (CISSP) will be advantageous,
  
• A combination of Certified Information Systems Auditor (CISA) and any of Certified in Risk and Information Systems Control (CRISC) or Certified in Governance of Enterprise & IT (CGEIT), CCNA Security, CompTIA Security.
  

• Experience working in the Information Security domain.
  
• Experience in the Cybersecurity Consulting, Digital Risks or Telecommunication sector is advantageous
  
• Proven experience in Information Security related Governance, Technology Risk Management and Compliance, ITGCs & Automated Controls.
  
• Experience conducting regular risk assessments to identify, evaluate, and prioritize cyber risks across the organization's systems, applications, and processes.
  

• Ensure implementation of technical security standards/baselines across MTNN’s technology platforms as well as ongoing monitoring and reporting of compliance against the standards.
  
• Ensure the integration of the MTNN’s technology platforms into the security compliance and monitoring eco-system both at opco and Group level then regularly confirm and report on ongoing effectiveness.
  
• Liaise with other relevant functions to facilitate the timeous closure of incidents and vulnerabilities.
  
• Ensure Security controls are regularly evaluated as part of the Security Assessment program with proposed remedial actions to address noted baseline variances.
  
• Support the implementation of risk assessments exercises across the Information Technology function in order to trap and highlight information security weaknesses and advice on controls to mitigate those risks.
  
• Implement standards for testing methodologies, techniques and procedures and conduct robust quality standard programme.
  
• Lead IT Controls Assessments and compliance exercises.
  
• Support controls design for Operating systems, Applications & Database Security, implementation, assessments & reporting.
  
• Monitor the effective cascading of the Compliance strategy into the Compliance Monitoring business plans to ensure vertical alignment and horizontal integration with other interfacing strategies.