Senior Manager – Cyber Security and IT Assurance (Internal Audit and Fraud Management) at MTN Nigeria

Job ID: 2049

Description

• Define and implement processes and technologies for threat and vulnerability management, threat and risk assessment, and metrics supporting our information security program’s health and performance.
• Coordinates Penetration Testing activities with third-party vendors and lead security assessments to help gauge how ongoing change management in our environment may expose us to internal or external risks.
• Understand end-to-end informational and data processes and flows, and works to protect the security, availability, integrity, confidentiality, and privacy of the data.
• Manage the team to design, build and implement reporting solutions which meet client and user requirements
• Bring greater standardization of methodologies, measures, visualizations and delivery tools for all reporting deliverables
• Understand and evaluate relevant IT & Cyber risks and controls designed to mitigate these risks to a level acceptable by IT management
• Conduct controls testing activities in areas such as Incident Management, Disaster Recovery, Change Management, Cryptography, Network Security and Identity & Access Management
• Lead and coordinate activities relating to risk management, raising awareness and helping further develop the organization’s risk culture.
• Responsible for managing projects and monitoring the quality of work performed on IS and security-related engagements, including actively participating in the budget cycle, forecasting, monitoring and tracking functional and divisional expenditure
• Implement and maintain GRC policies and procedures based on ISO 27001 standard.
• Ensure that the Information Security Strategy is meeting the security and privacy needs of internal and external customers.
• Manage the creation, design and documentation of related processes and procedures to support the company to reduce risk and vulnerability exposure.
• Provide leadership, guidance, and management of the Cybersecurity and IT Assurance Audit Team, including building individual development plans and performance reviews.

Education

• Bachelor’s in Engineering (B.Eng.) / BSc. Computer Science
• Relevant certifications such as CCSP, CISSP, CISA, SSCP, CISM and CASP+
• Fluent in English

Experience:

• 9 – 17 years’ experience which includes:
  • Minimum of 5 years’ experience in internal audit (specifically in cybersecurity, network and Technology audits), with experience in supervising others advantageous
  • Minimum of 2 years in an information security team leadership position
  • Prior experience working in financial services, or other regulated or critical infrastructure sectors is preferred
• Experience with major audit firms an an advantage
• Extensive knowledge of cybersecurity frameworks such as NIST CSF
• Extensive knowledge of compliance frameworks such as SOC, ISO, COBIT, and CMMC
• Knowledge of technical infrastructure, operating systems, networks, databases, and systems as they relate to IT Security and IT Risk.
• Proficiency in Microsoft Office suite applications with specific emphasis on Word, Excel, Power Point and Projects.