Airtel Nigeria (Airtel Networks Limited), a leading mobile telecommunication services provider in Nigeria and a member of Airtel Africa Group, is committed to providing innovative, exciting, affordable and quality mobile services to Nigerians, giving them the freedom to communicate, rise above their daily challenges and drive economic and social development.
A truly innovative company, Airtel has showed resilience, charting new paths in meeting the demands and needs of its esteemed stakeholders and enhancing distribution as well as providing affordable services to empower more Nigerians.
Job Title: Information Security and Business Continuity Manager
Bharti Airtel intends to protect its business sensitive information by implementing the controls pertaining to People, Process and Technology.
These are achieved by implementing information security policies, procedures and practices within various business processes, product/services and employee activities across all functions and lines of business.
This job is required to ensure the on-ground enforcement and continual monitoring of security operations within all Airtel money functions, strategic partners and other third parties in the defined OpCos.
It encompasses security operations within Data Centres, providing support for managed security services and New Product Development (NPD)
- supporting business and technology teams by evaluating security related aspects of critical services in Airtel Money
- assessment of the solutions and services platform
- monitoring of ongoing IT & NW security projects
- application security;
- facilitating Internal and External IT audits & helping the operations team during on-ground closure of the audit observations;
- carry out investigations and forensics;
- assessment of the risks that may lead to breach of confidentiality and business disruptions;
- implementing process/technology controls to mitigate the identified risks; closely interacting with respective security heads in other OpCos;
- reviewing fraud management activities done by operations teams;
- collaborating with functions to roll-out security policies and procedures;
- ensuring availability of appropriate security IM, GSDs, and system-level implementation procedures in association with system-owners;
- owning the responsibility of ensuring ISMS implementation and successful certification (ISO 27001 and 22301) once undertaken in the airtel locations;
- reviewing functional implementation of security through ISWG and respective function heads within OpCos;
- mitigation of the risks that may arise out of Third Parties and eventually ensuring compliance to BTSP;
- preparing the dashboards for top management review,
- managing the OpCo-wide security override function, according central security approvals after evaluating associated risks;
- supporting BCP/DR activities; ensuring implementations of security controls at the critical processing areas such as shared services (RA, CSD, Finance, HR and SCM);
- monitoring compliance artefacts supporting partner security SLAs; and institutionalizing Customer Privacy Framework.
Desired Skills and Experience
Bachelor Degree of Science/ Technology/Engineering (preferably in IT or Computer Science & Engineering)
Security Certification preferred (e.g. CISA, CISSP, CEH, etc)
- The ideal candidate should have excellent knowledge of Information Security standards, policies, controls and structures prevalent in the telecom industry along with Africa operating environment.
- Extensive experience in handling information security operations or consulting for large and geographically dispersed organisations.
- A high level appreciation of Security Architecture and Infrastructure across application, middleware, OS and network domains
- Experience in operational and strategic information security risk management.
- Should have adequate knowledge of the ISO 27001 Standard.
- A detailed understanding of systems design and systems development methodologies is required.
- Should have adequate experience in handling large and complex projects
- Should be familiar with the contents of relevant Government Acts and Guidelines in the Information Technology domain.
- Excellent knowledge of information security frameworks such as COBIT.
- Knowledge and experience in the preparation of asset registers, conduct of risk assessments and in the preparation and implementation of risk treatment plans.
- Knowledge of the latest trends, technology developments, tools and methodologies in the IS Risk Management arena.
- Experience in handling geographically spread teams with proven team leadership skills.