Manager - IT Security Audit at MTN Nigeria
Employment Nigeria
28-May-2024
₦Not Available
LAGOS ,
IT and Telecoms
MTN Nigeria - The leader in telecommunications in Nigeria, and a part of a diverse community in Africa and the Middle East, our brand is instantly recognisable. It is through our compelling brand that we are able to attract the right talents who we carefully nurture by continuously improving our employment offerings even beyond reward and recognition.
We are recruiting to fill the position below:
Job Title: Manager - IT Security Audit
Job Identification: 4377
Location: Ikoyi, Lagos
Employment Type: Full Time
Reports To: Senior Manager - Cyber Security and IT Assurance
Division: Internal Audit and Forensic Services
Mission
- Safeguard MTNN’s information systems and data against cyber risks, security threats, and vulnerabilities.
- Ensure compliance with regulatory requirements and industry standards related to information security.
- Validate the effectiveness of the audit process and security measures, identify potential risks, and implement solutions to mitigate those risks.
Description
- Plan and lead collaborative risk-based information and cyber security audits of moderate to high complexity in a local and global context and conclude whether risks are appropriately managed through the existence of effective control or other techniques.
- Evaluate administrative, technical, and procedural (prevent, detect, and respond) controls and mechanisms to help ensure security is managed at a consistent level across the organization.
- Plan system audit procedures, oversee a team of auditors, and ensure their investigation follows MTNN and government standards.
- Identify significant risks associated with the strategic objectives of the company and provide input into the annual audit plan accordingly.
- Develop and record a plan for each engagement reflecting the scope and objectives of the audit assignment linked to the significant risk exposure within that environment.
- Ensure efficient and effective execution of the annual audit plan, track and monitor expenditures, and update or adjust the budget as necessary.
- Lead and direct the monitoring of MTNN's computer network for possible mismanagement, fraud, and inefficiency.
- Conduct on-going audits as per the annual audit plan and as needed, and provide suggestions on audit assignments conducted, e.g., technical reviews of IS and Network.
- Perform complex analysis using CAAT tools (e.g., ACL) and Excel and ensure audit reports are timely, accurate, objective, and constructive.
- Incorporate knowledge gained from consulting engagements into audit assignments and the overall audit plan.
- Sustain audit methodology processes to ensure compliance with the required standards of the Institute of Internal Auditors and International Best Practice, and recommend changes as required.
- Provide input to the overall audit methodology and promote efficient practices by recommending improvements in processing capability, user interfaces, and security designs.
- Understand and evaluate relevant IT and cyber risks and controls designed to mitigate these risks to a level acceptable by IT management.
- Be responsible for the testing progress for the assigned controls and update senior audiences about the progress and results.
- Conduct control testing activities in areas such as incident management, disaster recovery, change management, cryptography, network security, and identity and access management.
- Coach and train the team to ensure understanding of the objectives and goals of the department, awareness of set targets/requirements and regularly review their training needs.
- Review performance of individual team members and complete appraisals in accordance with the employee performance appraisal procedures and time schedules.
- Identify training requirements of team members, develop program to address knowledge gaps and to enrich knowledge repository within the department.
Requirements
Education:
- First Degree in related discipline Preferably B Sc (Electrical/ Electronics, Computer Engineering, Telecommunications, or Computer Science with strong predilection for engineering; or in any Systems oriented discipline).
- Fluent in English.
- M Sc. (Telecommunications or any Communications related field) or CISA, CCNA/CCNP, CISSP, CISM.
- Extensive knowledge of cybersecurity frameworks such as NIST CSF.
- Extensive knowledge of compliance frameworks such as SOC, ISO, COBIT, and CMMC.
- Knowledge of technical infrastructure, operating systems, networks, databases, and systems as they relate to IT Security and IT Risk.
Experience:
6 - 13 years’ experience, which includes:
- Minimum of 3 years’ experience in an area of specialization (specifically in cybersecurity, network, and technology audits), with experience in supervising or managing others.
- Experience working in a medium- to large organization.
- Hands-on experience in internal audit (with a focus on systems audit) in a systems, IT, or telecom environment.
- Proficiency in Microsoft Office suite applications, with specific emphasis on Word, Excel, Power Point, and Projects.
Deadline: 28th May, 2024 (10;59 PM).
How to Apply
Interested and qualified candidates should:
Click here to apply online
Sorry the application deadline for this job has elapsed