DESCRIPTION
We are pleased to announce the subject career opportunity within Technology (M-Pesa Africa) reporting to the Senior Manager-Cybersecurity.
Role Description
As the Manager – Cybersecurity Prevent and Defence, you will be responsible for:
Coordinating operations of the Cybersecurity, Prevent and Defend stakeholders and team
Facilitating implementation, management, and optimization of Cyber Security policies, standards, and procedures
Ensuring adequate OPEX budget, resource, and management focus is on cybersecurity risks
Driving standards of excellence to achieve the Cyber Security strategy
Implementing actions to close MPA risks, Audit & Reviews (Internal and External)
Improvement of the Cybersecurity posture of the company through several initiatives, including but not limited to Cyber Security Baselines.
Key Role Responsibilities
Impact on the business
Coordinate optimization of the Operational & Monitoring cybersecurity baselines (CSB) controls across all MPA relevant business areas and processes
Optimize and maintain Cyber Security controls and requirements across MPA environments
Ensure all M-Pesa and third-party systems’ products, services and projects are compliant with the MPA minimum security requirements and Cyber Security Baselines (CSBs)
Responsible for the set-up, execution, and maintenance of the security incident management and coordination process in conjunction with incident management capabilities
Management of the vulnerability scanning, patching, and penetration tests and tracking resolution of vulnerabilities and patches in MPA systems, per the relevant MPA security policies
Support all internal and external audits around Technology systems and processes, ensure these systems are free from known Technology audit findings and ensure all audit findings in these systems are closed within agreed timelines
Customers, supplier, and third parties
Ensure compliance with Legal, Regulatory and key stakeholders’ requirements across the Technology domains
Responsible for monitoring of compliance of the Cybersecurity managed services contract, to ensure it is within agreed SLA
Support for validation, timely completion, and accuracy of Technology audit checklists and user access rights reviews
Coordination of analytical processes and incident response measures
Ensure proper implementation and change management processes compliance for all planned and emergency changes in Technology systems
Leadership, Planning and Human Resource Management
Manage all the Cybersecurity OPEX budgets and planning, in alignment with the company and Group strategy
Manage the Cybersecurity subordinate resources (FTEs and contractors) for their tasks/job descriptions effective implementations
Skills development within Cybersecurity department
Performance Management of the Cybersecurity team
Provide input to Security Policies and requirements on Technology security methods and technologies
Support Implementation and enforcement of the MPA cyber code across all users
Provide regular and accurate management reporting on Cybersecurity service performance
Innovation and change
Maintain the Security and Privacy by Design Assurance (SPDA) processes of the GDPR and business requirements
Continually review and enforce security policies and controls, to support business requirements and changing security landscapes
Set-up of analytics framework and tools
Drive continuous improvement through simplification of key cybersecurity processes
Communication
Drive internal and third-party service review meetings covering performance, service improvements, quality, and processes
Make recommendations for Cybersecurity Service Improvement Plans and ensure actions are followed through to completion in a timely manner
Support information security awareness and training to all MPA users and third-party vendors
Driving incident planned and emergency communication processes to both internal and external audience
QUALIFICATIONS
Apply if you have:
Bachelor’s Degree in Electrical Eng./Computer Science/ Information Technology (or equivalent) from a recognized university.
Minimum of 5 years Network Security experience with Intrusion Prevention Systems, Web Application Firewalls, VPN administration, Content Filters, Security Scanning tools
At least one professional Information Security Qualification: CISM/CISA/CISSP/CEH/CRISC.
One certification in Networks CCNP or CCIE (Security) CLOUD or Microsoft, Linux or Unix Operating Systems administration
Minimum of 1-year focused Security experience in Incident Management, Intrusion Analysis, Network troubleshooting, or Reverse Engineering.
We are happy if you have:
Good communication skills and team player.
Experience in the use of security tools.
Project management skills, and proven task execution (getting things done).
Superior Report writing skills.
Analytical Thinking.
What you can expect from us:
We believe in a fair and robust interview process
We have a robust flexible total reward scheme
Dedicated support and mentoring/coaching
Opportunity to develop and progress – plus a solid dedication to work-life integration. It all means you’ll have everything you need to advance your career and achieve your full potential.
go to method of application »
Use the link(s) below to apply on company website.
Apply via :
