Officer - IS Security(14319 Views)
About MTN Afghanistan
MTN Afghanistan is the subsidiary company of MTN Group operating in 22 countries with a subscriber base of over 200 Millions. MTN provides GSM services in Afghanistan. We are looking for qualified and experienced candidates to fill the vacant position(s).
Mission/ Core purpose of the Job: (Short description)
• Responsible for MTNA information security policy and the coordination of information security efforts across the company as well as oversee the creation and maintenance of MTN information security policy, lead security risk assessment efforts, and own the awareness and training program.
|Date Posted:||08 Jul 2018||Reference:||MTNA HR 2018 - 08|
|Closing Date:||17 Jul 2018||Work Type:||Full Time|
|Number of Vacancies:||1||Gender:||Any|
|Functional Area:||IT||Open Ended:||NO|
|Nationality:||Afghan||Salary Range:||As per company salary scale|
|Contract Type:||Permanent||Years of Experience:||4 Year(s)|
|Contract Duration:||0 Year(s) & 0 Month(s)||Extension Possibility:||No|
|Probation Period:||3 Months|
Duties and Responsibilities
Role Complexity: Does not refer to the various “roles” that the incumbent has to assume in the conducting of the duties. Instead, this would be additional complexity that should not be inherent in this position, but the incumbent has responsibility for Example HR Managers having to manage an IT function.
• Must be an intelligent, articulate, consensus building, and persuasive leader who can serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical staff
• Direct the development and enforcement of information security and privacy policies in compliance with federal and telecommunication regulations and standards
• Serve as an expert advisor to MTN senior management in the development, implementation, and maintenance of an information security management system ISO27001
• Working with senior and executive management the Information Security Officer coordinates the process to build a company wide information security strategy and vision
Task Complexity: Indicates those KPA’s that are essential to the position itself. These are normally specific to the incumbent, the job, and the function..
• Designing and implementing security in network, operating systems and applications and evaluating corporate security plans.
• Work with cross-functional teams to develop and integrate application security methods and technologies into applications and perform security reviews.
• Review of all project development plans to ensure compliance with security policy.
• Advising management on emerging vulnerabilities.
• Based on the nature of security threat perceived, assesses and establishes mitigating steps to ensure appropriate treatment and escalate as appropriate.
• Create and enforce policies and procedures associated with the effective and efficient administration of the MTNA Network and Systems.
• Perform basic Business Impact Analysis
• Propose, advise and implement security and communications solutions within MTNA.
• Work closely with other departments to perform full support, ensuring the full integration and smooth functioning of the network about security within MTNA.
• Co-ordinate with related Design & Development team for solutions implemented.
• Develop, implement and enforce application security strategies, policies and procedures for application development.
• Define, document and ensure that information security is incorporated throughout the lifecycle of all systems supported.
• Review and provide feedback on security plans and procedures regarding all aspects of LAN, WAN, server and Desktop systems, as applicable.
• Lead the information security origination within MTN, whose oversight responsibilities include:
o Developing, publishing, and maintaining comprehensive company wide information privacy and security strategy, plans, policy, procedures, and guidelines
o Acting as the primary control point during significant information security incidents
o Advising the MTN Management on risk issues that are related to information security and recommending actions in support of the company’s wider risk management programs
• Provide guidance and advocacy regarding prioritization of infrastructure investments that impact security.
• Understand potential threats, vulnerabilities, and control techniques and communicate this information to departmental system administrators
• Work with MTN Internal Audit to ensure that departments consider information security risks in both ongoing and planned operations
• Assist MTN units as necessary to investigate security breaches and pursue associated disciplinary and legal matters
• Work with Internal Audit, and outside consultants as appropriate on required security audits
• Develop a security awareness and training program
• Develop an Information Security toolbox using vendor products, tools, and services related to information security
• Any other Task assigned by Management in the same field.
• Sound knowledge of internetworking technology.
• System and network administration experience on UNIX, Top-Secret, and/or Windows operating systems
• Knowledge of security areas such as Auditing, Policy, Database Security, Firewall Design and Implementation
• Risk Analysis
• Security Management Practices
• Security Architecture and Models
• Access Control Systems & Methodology
• Application Development Security
• Operations Security
• Physical Security
• Telecommunications, Network, & Internet Security
• Business Continuity Planning
• Law, Investigations, & Ethics
Skills / physical competencies:
• Problem solving and analytical abilities.
• Strong interpersonal and communications skills.
• Customer focus
• Team building abilities
• Ability to function under pressure.
• Ability to think and articulate thoughts logically
• Can do
• BA or BS in Computer Science, Information Management, or related field, or equivalent experience; Masters preferred
•Certified Information Systems Security Professional
•Certified Information Systems Auditor
•ISO 27001 or Related
• Three to Five years of progressive experience in computing and information security, including experience with Internet technology and security issues
• Should have 2 years experience with business continuity planning, auditing, and risk management,
• Experience with disaster recovery planning and testing, auditing, risk analysis, business resumption planning, and contingency planning
Afghanistan - Kabul
AF AF 12
Bachelors Degree, IT
Interested Afghan Nationals can send their applications and resumes (with three valid references) by July 17, 2018.
Please mention the name of the position you are applying in your email subject line.
Applications received after the deadline and those, which do not meet the requirements mentioned above, will not be considered.
Only shortlisted candidates will be contacted for the interview (s).
|More jobs in this category|
|Jr. Network Administrator at American University of Afghanistan||Kabul||10 Oct 2018|
|Information Technology Senior Adviser at Ministry of Public Health||Kabul||29 Sep 2018|
|FMIS Technical Advisor at Kabul Municipality||Kabul||06 Oct 2018|
|Senior IT Officer at Ministery of Energy and Water||Kabul||06 Oct 2018|
|متخصص تکنالوژی at Ministry of Defense||Kabul||06 Oct 2018|
|Senior Analyst Database Administrator at Etisalat Afghanistan||Kabul||06 Oct 2018|
|Information Technology (IT) Specialist at Ministry of Public Health||Kabul||30 Sep 2018|
|Junior Officer – Help Desk at Afghanistan International Bank||Kabul||25 Sep 2018|