Manage and lead the Technology Security Cyber Security Baseline Assurance needs across Vodafone Ghana. To further provide security assurance, guidance and support to high profile projects according to company defined policies and requirements, best practice and local/international standards (PCI, SOX, ISO27001, GDPR, POPIA and Cyber Crime Bill of 2015) relevant to the technology security area. He/She should have credible experience in Information Security and Cyber Security Governance, Risk and Assurance based on proven frameworks such as COBIT 5, ISO27001/2, and the NIST Cybersecurity Framework. As a key member of the Vodafone Ghana Cyber Security team, the candidate should be comfortable with driving information security assurance ideas and communicating clearly with technical as well as non-technical audiences
Job Title: Cyber Security Specialist
- Provide supervisory technology security assurance, guidance and support to the Vodafone Ghana (VFGH) team as well as Vodacom Group & Vodafone Group where needed.
- Assure that security is embedded in IT System and Network Infrastructure (Mobile, IS and Enterprise) across the Vodacom Group.
- Defining, implementing and efficiently maintaining technology security controls and requirements.
- Ensure timely delivery of technology security assurance and support for projects.
- Provide SME input to Technology Security Policy requirements and procedures.
- Provide accurate and timely reporting of technology security risks identified during project engagement and propose remediation and mitigation options.
- Participate in creation and execution of technology security strategy.
- The role requires the individual to monitor information security governance, risk, and compliance by Vodafone Ghana Corporate IT, Mobile and Enterprise Business domains.
- Engage with the stakeholders on control effectiveness and deficiencies in the design and operating effectiveness of information security controls, design and recommend opportunities for continuous improvement.
- Interpret and manage the controls and capabilities required for VFGH to establish and comply with an information security management system in alignment with information security international best practice and/or industry standard(s).
- Develop, manage and implement the Vodafone information security audit and assurance plans and schedules, including any specific business needs and requirements (including PCI, ISO27001, GDPR, POPIA, Cyber Crime Bill).
- Manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments.
- Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions.
SecurityRisk and ComplianceMonitor and DiagnoseMobile and Network SecurityImplementation and IntegrationChange and AdaptabilityComplexity ManagementAssurance / AssessmentCommunicationRisk ManagementProfessional / Technical Skills
- Bachelor’s Degree in Computer Science, Information Security, Engineering or Technology or other related fields.
- Minimum of 5+ years of experience in Tech Security role.
- Knowledge of technology management/compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.
- Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard.
- A diverse security background with knowledge in several areas including: layered security architecture; internet protocols; firewalls; VPN technologies, IDS/IPS, network access control and network segmentation, anti-malware and spam technologies; risk and vulnerability assessments, and compliance.
- Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
- Windows, UNIX and Linux operating systems.
- Practices and methods of enterprise architecture and security architecture
- Network security architecture development and definition.
- Web Security & Encryption