258 Information Security Manager jobs in South Africa

• Who we're looking for: An experienced Information Security Manager to lead the implementation and ongoing maturity of our Information Security Management System (ISMS), ensure alignment with ISO 27001:2022, and manage risk across the business.
• The challenge: To own the ISMS documentation and audit programme, coordinate internal and external audits, oversee the risk register, and support internal teams on policy compliance and security awareness.
• Where you'll work: This role will be based in Cape Town, you'll be part of our global team, collaborating with colleagues and serving customers across the UK, USA, Australia, South Africa, and beyond. Our hybrid approach offers flexibility with regular team connection in our Cape Town office.

The Tillo Difference

We're in the business of rewards and incentives, so we know a thing or two about the importance of giving back. We can't grow as a business without growing as individuals, so we are committed to providing a workplace where passionate, driven individuals can thrive. We value collaboration, trust, positivity, and a willingness to learn - only by working as a team will we reach our goals.

We're the market leader in the UK and are active in a number of other markets including USA, Europe, Australia and India.

This role will be responsible for:

• ISMS Ownership & Audit Readiness

• Maintain and evolve the ISMS documentation and controls in line with ISO 27001:2022.

• Coordinate and lead internal audits (quarterly for TZ) and external certification audits.
• Write up audit findings and risk reports for SLT and the Board.
• Monitor ISMS KPIs and compliance metrics .

• Risk Management

• Own the company-wide risk register and associated documentation (excluding the risk framework itself).

• Support teams in identifying, assessing, and documenting risks.
• Track and ensure timely implementation of Risk Treatment Plans.
• Monitor and report on key risk metrics.

• Incident & Corrective Action Management

• Maintain the incident log, ensuring proper documentation, root cause analysis and closure.

• Drive corrective actions and improvements from internal/external audits and incidents.

• Security Policy & Training

• Maintain and develop ISO 27001-compliant security policies (non-Engineering).

• Coordinate business-wide security awareness training (e.g., KnowBe4).
• Champion InfoSec awareness and lead monthly security meetings.

• Client & Vendor Security Assurance

• Complete InfoSec and risk sections of client due diligence questionnaires.

• Support the development of a Trust Centre to streamline security responses.

What we're looking for

• 3+ years in an Information Security or Risk Management role with experience in ISO 27001 implementation and audits.
• A strong understanding of risk frameworks, internal controls, and compliance management.
• Experience with audit coordination and ISMS documentation.
• The ability to translate technical and regulatory language into business-friendly advice.
• Working knowledge of privacy, AML, and business continuity requirements.
• Familiarity with InfoSec tooling (e.g., Drata, Vanta, KnowBe4).
• Exceptional communication, reporting and organisational skills.

Benefits

We offer all our employees trust and empower our team to work with flexibility and autonomy. We're a close-knit team and love working collaboratively, with our hybrid model, our team can come together at our fantastic offices, but also focus in their own space. The Tillo team are a motivated bunch and we all work hard to push Tillo forwards, always innovating. We completely understand the importance of work/life balance and offer a supportive and collaborative working environment with the following benefits:

• 21 days holiday per annum
• Retirement Fund (5%)
• Health insurance contribution
• Employee Incentive Scheme
• Hybrid Working
• Top spec equipment including laptop, mouse, keyboard, monitor
• Anniversary gifts
• Monthly breakfasts, drinks, snacks and events
• Team Learning & Development budget

Tillo makes gift cards, rewards, and incentives simple, efficient, and profitable. Operating in over 37 markets and 25 currencies, Tillo processes billions in gift card transactions through a single, plug-and-go API, powering rewards and incentives for the world's leading businesses.

Backed by Tenzing, Tillo is setting the global standard for digital gift card infrastructure.

Diversity, Equity, and Inclusion Statement

We are committed to fostering a diverse and inclusive workplace where everyone feels valued and respected. We welcome applications from individuals of all backgrounds, regardless of age, disability, gender identity, marital status, race, ethnicity, religion or belief, sex, or sexual orientation.

If you require any reasonable adjustments during the recruitment process, please let us know, and we will be happy to accommodate your needs.

Designation:

Information Security Manager | Waterfall, Midrand, Gauteng | Permanent

Category:

Information Technology

Job Level:

Professionally qualified and experienced specialists and mid-management

Posted by:

PSG Financial Services

Posted on:

03 Oct 2025

Reference Number:

POS08450

Closing date:

30-Oct-2025

Position Type:

Permanent

Location:

Waterfall Magwa Crescent

Overview:

VACANCY | INFORMATION SECURITY MANAGER | WATERFALL, MIDRAND, GAUTENG | PERMANENT

PSGs commitment to transform and embrace diversity is what drives us to achieve a diverse workplace with employment equity as a key goal to create an inclusive workforce. In achieving our employment equity goals, we give preference to applicants from designated groups, and we encourage people with disability to apply.

The Information Security Manager will lead PSG's cybersecurity strategy, governance, and operations across a hybrid cloud infrastructure. This includes managing Microsoft security capabilities, integrating firewall technologies, overseeing the Cyber Security Operations Center (SOC), and ensuring compliance with regulatory and industry standards. The role also includes managing BYOD risks, securing branch networks, and aligning with globally recognized frameworks such as the NIST Cybersecurity Framework and Joint Security Standards (JSS).

• Develop and maintain PSG's enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
• Establish and enforce security governance frameworks, policies, and standards.
• Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
• Lead the implementation of relevant security compliance initiatives.
• Collaborate with divisional CIOs and executive leadership to align security posture across business units.
• Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

• Design secure solutions for hybrid environments (on-prem + Azure).
• Integrate security into infrastructure and application projects.
• Manage identity and access controls, including Azure AD, MFA, and privileged access management.

• Manage day-to-day security monitoring, incident handling, and threat intelligence.
• Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
• Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
• Implement and enforce BYOD policies, including mobile device management (MDM), data loss prevention (DLP), and secure access controls.
• Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

• Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
• Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
• Support procurement and vendor management for security solutions.

• Oversee 24/7 SOC operations, ensuring effective threat detection, incident response, and escalation.
• Define SOC roles, workflows, and incident response playbooks.
• Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
• Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Coordinate with external threat intelligence providers and law enforcement when necessary.

• Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
• Ensure timely patching, configuration updates, and feature adoption.
• Maintain compatibility and integration of security tools with PSG's hybrid infrastructure.
• Document system configurations and update operational procedures regularly.

• Conduct regular risk assessments, vulnerability scans, and penetration tests.
• Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
• Maintain a risk register and track mitigation actions.
• Coordinate internal and external audits and ensure timely remediation of findings.

• Lead organization-wide cybersecurity awareness programs.
• Deliver targeted training for IT, business, and executive teams.
• Promote secure behaviour and incident reporting culture.

• Build and lead a high-performing cybersecurity team, leveraging SOC analysts, engineers, and compliance specialists.
• Define clear roles, responsibilities, and performance expectations.
• Conduct regular coaching, performance reviews, and career development planning.
• Foster a culture of accountability, innovation, and continuous improvement.
• Promote cybersecurity awareness and ownership across all departments.

• Prepare operational, executive-level reports on security posture, risk exposure, and compliance status.

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of IT Security experience, with 5+ years in a leadership role.
• CISSP, CISM, or equivalent
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Operations (GSOM) or equivalent SOC certification
• Familiarity with scripting (PowerShell, Bash) and automation tools.

• Microsoft 365 and SharePoint Online
• Proven experience in cybersecurity leadership within hybrid cloud environments.
• Deep knowledge of Microsoft 365 E3/E5 security stack and Hailstone technologies.
• Strong understanding of SIEM, SOAR, threat intelligence, and SOC operations.
• Experience managing BYOD environments and securing distributed branch networks.
• Familiarity with ISO/IEC 27001, ISO/IEC 2000, NIST, and CIS controls.
• Excellent communication, stakeholder engagement, and team leadership skills.
• Technical documentation

• Strong leadership and problem-solving skills.
• Attention to detail
• Decision making
• Leadership
• Attention to detail
• Resilience
• Good verbal and written communication skills
• Time management skills
• Deadline driven

Candidates interested must apply here by no later than 30 October 2025 OR browse available PSG Careers vacancies

By submitting your application, you are giving PSG Financial Services implicit consent to the storage and processing of your personal information. If you are not contacted within 4 weeks of your application, please accept that your application was not successful. For more information about careers at PSG, visit

Designation: Information Security Manager | Waterfall, Midrand, Gauteng | Permanent

Category: Information Technology

Job Level: Professionally qualified and experienced specialists and mid-management

Posted by: PSG Financial Services

Posted on: 03 Oct 2025

Reference Number: POS08450

Closing date: 30-Oct-2025

Position Type: Permanent

Location: Waterfall Magwa Crescent

Overview
VACANCY | INFORMATION SECURITY MANAGER | WATERFALL, MIDRAND, GAUTENG | PERMANENT
PSGs commitment to transform and embrace diversity is what drives us to achieve a diverse workplace with employment equity as a key goal to create an inclusive workforce. In achieving our employment equity goals, we give preference to applicants from designated groups, and we encourage people with disability to apply.

Job Description
The Information Security Manager will lead PSG's cybersecurity strategy, governance, and operations across a hybrid cloud infrastructure. This includes managing Microsoft security capabilities, integrating firewall technologies, overseeing the Cyber Security Operations Center (SOC), and ensuring compliance with regulatory and industry standards. The role also includes managing BYOD risks, securing branch networks, and aligning with globally recognized frameworks such as the NIST Cybersecurity Framework and Joint Security Standards (JSS).

*Responsibilities:
Strategic Leadership & Governance *

• Develop and maintain PSG's enterprise-wide cybersecurity strategy aligned with business objectives and regulatory requirements.
• Establish and enforce security governance frameworks, policies, and standards.
• Ensure alignment with the NIST Cybersecurity Framework (Identify, Protect, Detect, Respond, Recover) and Joint Security Standards.
• Lead the implementation of relevant security compliance initiatives.
• Collaborate with divisional CIOs and executive leadership to align security posture across business units.
• Monitor emerging threats, regulatory changes, and industry trends to inform strategic decisions.

*Architecture & Identity Management *

• Design secure solutions for hybrid environments (on-prem + Azure).
• Integrate security into infrastructure and application projects.
• Manage identity and access controls, including Azure AD, MFA, and privileged access management.

*Security Operations *

• Manage day-to-day security monitoring, incident handling, and threat intelligence.
• Administer Microsoft 365 security features: Defender for Endpoint, Purview, Sentinel, Conditional Access, etc.
• Ensure endpoint, network, and cloud security controls are effectively implemented and monitored.
• Implement and enforce BYOD policies, including mobile device management (MDM), data loss prevention (DLP), and secure access controls.
• Secure branch office networks, including firewalls, VPNs, segmentation, and remote access protocols.

*Financial Management *

• Develop and manage the annual cybersecurity budget, including licensing, tools, training, and consulting services.
• Track and report on security-related expenditures, ROI, and risk mitigation outcomes.
• Support procurement and vendor management for security solutions.

*Cyber Security Operations Center (SOC) Oversight *

• Oversee 24/7 SOC operations, ensuring effective threat detection, incident response, and escalation.
• Define SOC roles, workflows, and incident response playbooks.
• Integrate SIEM, SOAR, and threat intelligence platforms for proactive defense.
• Monitor and improve KPIs such as MTTD (Mean Time to Detect) and MTTR (Mean Time to Respond).
• Coordinate with external threat intelligence providers and law enforcement when necessary.

*Security Technology Lifecycle Management *

• Oversee the deployment, maintenance, and upgrade of security technologies including Microsoft 365 E3/E5 and Hailstone platforms.
• Ensure timely patching, configuration updates, and feature adoption.
• Maintain compatibility and integration of security tools with PSG's hybrid infrastructure.
• Document system configurations and update operational procedures regularly.

*Risk Management & Compliance *

• Conduct regular risk assessments, vulnerability scans, and penetration tests.
• Ensure compliance with POPIA, GDPR, NIST CSF, JSS, and other relevant regulations and frameworks.
• Maintain a risk register and track mitigation actions.
• Coordinate internal and external audits and ensure timely remediation of findings.

*Awareness, Education & Training *

• Lead organization-wide cybersecurity awareness programs.
• Deliver targeted training for IT, business, and executive teams.
• Promote secure behaviour and incident reporting culture.

*Team Leadership & Culture *

• Build and lead a high-performing cybersecurity team, leveraging SOC analysts, engineers, and compliance specialists.
• Define clear roles, responsibilities, and performance expectations.
• Conduct regular coaching, performance reviews, and career development planning.
• Foster a culture of accountability, innovation, and continuous improvement.
• Promote cybersecurity awareness and ownership across all departments.

*Reporting *

• Prepare operational, executive-level reports on security posture, risk exposure, and compliance status.

*Minimum requirements: *

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 8+ years of IT Security experience, with 5+ years in a leadership role.
• CISSP, CISM, or equivalent
• Microsoft Certified: Cybersecurity Architect Expert
• GIAC Security Operations (GSOM) or equivalent SOC certification
• Familiarity with scripting (PowerShell, Bash) and automation tools.

*Experience in the following technologies and concepts: *

• Microsoft 365 and SharePoint Online
• Proven experience in cybersecurity leadership within hybrid cloud environments.
• Deep knowledge of Microsoft 365 E3/E5 security stack and Hailstone technologies.
• Strong understanding of SIEM, SOAR, threat intelligence, and SOC operations.
• Experience managing BYOD environments and securing distributed branch networks.
• Familiarity with ISO/IEC 27001, ISO/IEC 2000, NIST, and CIS controls.
• Excellent communication, stakeholder engagement, and team leadership skills.
• Technical documentation

*Competencies required: *

• Strong leadership and problem-solving skills.
• Attention to detail
• Decision making
• Leadership
• Attention to detail
• Resilience
• Good verbal and written communication skills
• Time management skills
• Deadline driven

*How to apply: *
Candidates interested must apply here by no later than 30 October 2025 OR browse available PSG Careers vacancies .

By submitting your application, you are giving PSG Financial Services implicit consent to the storage and processing of your personal information. If you are not contacted within 4 weeks of your application, please accept that your application was not successful. For more information about careers at PSG, visit

Role Overview

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensitive data, compliance with regulations, and integration of security into AI development workflows. You'll collaborate with AI/ML engineering and data science teams to embed security practices and manage incidents, vulnerabilities, and third-party risks.

• Develop AI-specific information security strategies, policies, and governance frameworks.
• Embed risk management best practices and update organisation’s security posture with emerging threat intelligence.
• Implement AI incident response frameworks in line with organisation's information security standards.
• Guide AI/ML engineers and data scientists on secure coding, threat modeling, and secure data workflows.
• Ensure compliance with global data privacy laws and evolving security regulations.
• Lead training initiatives to increase security awareness among AI teams.
• Oversee deployment and optimization of security monitoring tools for continuous AI ecosystem surveillance.
• Manage penetration testing, threat & vulnerability assessments, and drive resilience programs.
• Report security metrics, incidents, and compliance activities to senior leadership and AI Department.
• Align security processes with audit, ethics, and compliance standards.
• Coordinate third-party security assessments on AI tools and platforms.

• Education: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field. Information Security certifications are preferred.
• Experience:
  • Minimum of 4+ years in information or cybersecurity roles.
  • Demonstrated experience securing AI/ML-driven environments, ideally within telecom or similar sectors.
  • Proficiency in managing security incidents, risk assessments, vulnerabilities, and compliance audits.
• Skills:
  • Expertise in cybersecurity frameworks, AI/ML security, data privacy, and cloud platforms.
  • Proficient in vulnerability scanning, penetration testing, and incident response methodologies.
  • Strong stakeholder engagement and communication capabilities.

Role Overview:

As Manager – AI Information Security, you would be responsible for designing and implementing advanced information security frameworks focused on AI systems. The role ensures the protection of sensitive data, compliance with regulations, and integration of security into AI development workflows. You'll collaborate with AI/ML engineering and data science teams to embed security practices and manage incidents, vulnerabilities, and third-party risks.

Key Responsibilities:

• Develop AI-specific information security strategies, policies, and governance frameworks.
• Embed risk management best practices and update organisation’s security posture with emerging threat intelligence.
• Implement AI incident response frameworks in line with organisation's information security standards.
• Guide AI/ML engineers and data scientists on secure coding, threat modeling, and secure data workflows.
• Ensure compliance with global data privacy laws and evolving security regulations.
• Lead training initiatives to increase security awareness among AI teams.
• Oversee deployment and optimization of security monitoring tools for continuous AI ecosystem surveillance.
• Manage penetration testing, threat & vulnerability assessments, and drive resilience programs.
• Report security metrics, incidents, and compliance activities to senior leadership and AI Department.
• Align security processes with audit, ethics, and compliance standards.
• Coordinate third-party security assessments on AI tools and platforms.
  
  

Qualifications & Experience:

• Education: Bachelor’s degree in Computer Science, IT, Cybersecurity, or related field. Information Security certifications are preferred.

• Experience:
  • Minimum of 4+ years in information or cybersecurity roles.
  • Demonstrated experience securing AI/ML-driven environments, ideally within telecom or similar sectors.
  • Proficiency in managing security incidents, risk assessments, vulnerabilities, and compliance audits.

• Skills:
  • Expertise in cybersecurity frameworks, AI/ML security, data privacy, and cloud platforms.
  • Proficient in vulnerability scanning, penetration testing, and incident response methodologies.
  • Strong stakeholder engagement and communication capabilities.

Overview

About our client: Our client is a global investment advisory firm focusing on long-term value creation through investment strategies. They work with a diverse group of institutional partners and pride themselves on their collaborative, sustainable, inclusive culture and performance.

What you will be doing:

• Develop and implement enterprise-wide information management and retention strategies, ensuring effective structuring, maintenance, and utilisation of information assets.
• Define and enforce data classification, lifecycle management, and records retention policies aligned with financial regulations (e.g., GDPR, DORA).
• Collaborate with Data Privacy on governance, retention policies, and Records of Processing Activities (ROPA), ensuring compliance across business units.
• Lead development of a data governance framework covering stewardship, accountability, and data quality.
• Liaise with IT, legal, and regulatory bodies to ensure alignment with compliance requirements.
• Oversee data audits, generate compliance reports, and implement security controls for sensitive data.
• Work closely with security teams on incident response and business continuity strategies for data protection.
• Ensure secure handling, storage, and disposal of information in accordance with policy.
• Align information management practices with evolving business needs, collaborating with IT on retention, access, and storage strategies.
• Manage vendor relationships to ensure third-party data management practices meet compliance standards.
• Develop and track KPIs related to information management, data security, and regulatory compliance.
• Provide strategic insights to senior management based on data trends and compliance analysis.
• Maintain accurate and current documentation of all data management policies and procedures.

What our client is looking for:

• A relevant degree in IT, Computer Science, or related field is preferred.
• Certifications (e.g., ITIL, PMP, CISM) are highly desirable.
• 5+ years experience in IT, data governance, or information security, ideally in financial services.
• Strong knowledge of financial systems, data regulations (GDPR, DORA, ISO 27001).
• Expertise in cybersecurity, risk management, and compliance frameworks.
• Experience with data retention, DLP, and compliance audits.
• Familiar with security governance standards and regulatory reporting.
• Proven collaboration, influencing, and negotiation skills.
• Detail-oriented, self-driven, and strategic with strong decision-making ability.
• Effective communicator across teams with analytical and problem-solving skills.
• Adaptable and resilient in high-pressure, regulated environments.

Job ID:

• J

For a more comprehensive list of opportunities that we have on offer, do visit our website - URL Removed

Desired Skills:

• Data Governance
• Information Security
• Risk Management

The Manager Information Security Architecture is responsible for delivering technical security solution designs, reference architecture designs and technical standards for Information Systems within the MTN Group in accordance with the enterprise security designs

Security is entering a new phase where the architecture and systems between IT and the Mobile Network are now using shared platforms or infrastructures. There is an increased focus in the security of these networks and across all areas of the business. The introduction of cloud has blurred the lines between a traditional IT security professional and a Mobile Network Security function. The candidate is further responsible for vetting and advising all OPCO's in the MTN portfolio on Core network, Digital and IT security related projects, including software developed in house by S2 COE. The candidate is also responsible to support Fintech and Infraco security colleague in designing robust and secure architecture for the platform business The incumbent must therefore ensure the successful delivery in context of:

• An expertise-based multicultural federated organisation

• A dynamic and evolving field of information security

• Revolutionary workforce practices which are bringing together global labour markets

• Evolving industry sector constantly presenting new challenges, opportunities and threats to the core businesses

• Dynamic legal and regulatory environment (with specific focus on data sovereignty and privacy/data protection)

• Agile ways of working

• Hybrid networks (cloud and on-premises)

• Values (Our Culture)

We at MTN are a purpose and value-led organization. At MTN, we believe that understanding our people's needs and aspirations is key to creating experiences that delight you at work, everyday. We are committed to fostering an environment where every member of our Y'ello Family is heard, understood and empowered to live an inspired life.

Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us,

Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.

Live Y'ello

• Lead with Care

• Can-do with Integrity

• Collaborate with Agility

• Serve with Respect

• Act with Inclusion

1. Key Performance Areas: Core, essential responsibilities / outputs of the position (KPA's)

The Manager Information Security Architecture is responsible for the following deliverables

• Develop information security solution architectures (e.g., people, processes, technology);

• Develop information security reference architecture (IT & telecoms) to manage threats, monitor implementation & compliance; support the design of security reference architecture for both Fintech and Infraco

• Assist with the refinement of MTN Information Security reference architecture and test the architecture against pilot implementations and ongoing OPCO implementations

• Obtain inputs and validate the MTN information security reference architecture with key MTN partners;

• Responsible for design of information security solution architectures for group wide risk mitigation of key risk areas including standardised security architecture, security monitoring, and vulnerability management;

• Develop reference architectures for specific technical security solutions

• Assist OPCOs and platforms with technical security solution designs

• Determine a holistic view of security requirements by evaluating current security operations and requirements; researching information security standards; studying architecture/platform; identifying integration issues and preparing cost estimates;

• Assist in the evaluation of outsourced / third-party technologies and hosting environments to ensure they provide adequate protection for the processing, transmission, and storage of MTN's information;

• Ensure the development of security architectural and development standards for all components of key application stacks (OS, DB, Middleware, Web etc.) and cloud environment (in collaboration with CCOE);

• Maintain a 3 - 5 years security architecture road map with budget requirements to prevent future cybersecurity attacks. Articulate the solution to senior management to receive executive buy-in

• Support the activity of the Architecture Working Committee (AWC) and support the periodic request of the architecture principles related to information security

• Support AI working group and the definition of "security guardrails" as part of the Responsible AI initiatives

• Support the network standardization activities of the GSMA Fraud and Security Group (FASG)

• Assist with management of divisional budgets in line with business objectives and facilitate forecasting;

• Manage project initiative budgets in line with business objectives; and

• Drive initiatives that will ensure that the "cost of operations" are reduced, in line with a least cost operating strategy stemming from the business drivers

• Work with the Senior Manager: Information Systems in order to implement the overall information security architecture requirements and framework, overarched by the business risk strategy;

• Responsible for the implementation of the information security architecture roll-out definition and actualization via third parties;

• Roadmap definitions for security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements

• Job Requirements (Education, Experience and Competencies)

Education:

• 4/6-year Information Technology/ Information Systems/ Engineering (or related) Degree

• Master's in business administration is advantageous

• CISSP/CISM/CEH/CSSP (one of)

• SABSA and/or TOGAF qualification will be an advantage

• Cloud certifications (Azure, GCP, AWS) will be an advantage

• DevSecOps certifications will be an advantage

• IA and responsible AI certifications will be an advantageOther Architectural qualifications (ITIL, TMF, COBIT) will be an advantage

Experience:

• 3-5 years of relevant work experience in Information Technology (specifically security)

• Experience in designing and implementing organisation wide information security systems architecture

• Experience in managing and implementing large scale information security projects

• Experience working in Africa and Middle East and have a grasp of political, social, infrastructure and integrity challenges

• Good understanding of the information technology environment of a telecom company

Functional Knowledge:

• Knowledge of technical security disciplines, specifically around security architecture, engineering, and solution delivery

• Knowledge and experience across security products, tools, and industry trends: e.g. Mobile Network Security, Hardware Configuration, Network Protocols, Networking Standards, Windows, Linux and Unix operating systems, Application Security, Data Security, generative and analytical AI models and safeguards, Application integration and Infrastructure Security, Security Frameworks (ISO27001, COBIT, NIST etc.), security attacks pathologies, wired and wireless security, and cyber laws and ethics

• Security protocols, communication protocols, cryptography, authentication and authorisation across mobile networks and systems

• Implementation of multi-factor authentication, single sign-on, identity management or related technologies

• Working knowledge of current security risks, risk management and assessments

• Deep understanding of the MTN business and technology strategy

Skills

• Strong Analytics/data interpretation and presentation skills

• Learning, self-development and continuous improvement

• Detail orientation and high standards on work performed

• Negotiation skills, Interpersonal skills, conflict management and problem solving

• Stress Management and Emotional Intelligence

Behavioural Qualities

• Analytical, organised and methodical

• Operationally astute, proactive, detail-oriented

• Results drive team player