Manager - Segregation of Duties Identity and Access Governance.Group Information Security

MTN • Full-time • Roodepoort, Gauteng, South Africa • 18h ago

Job Location : Gauteng, Roodepoort Deadline : December 28, 2024 Quick Recommended Links

Key Performance Areas: Core, essential responsibilities/outputs of the position (KPA's)

The Manager: SOD, Identity and Access Governance will have the following responsibilities:
Policy and Standards Alignment:

Ensure alignment of SoD/ IAG processes, policies, and standards with industry good practices, regulations, and frameworks
Contribute to the development and maintenance of a comprehensive SoD/IAG policies and standards framework.
Support the regular review and update of policies to address emerging security risks and changing business needs.

Segregation of Duties (SoD) Management:

Construct and implement SoD Application Standards to ensure proper access controls and separation of duties.
Support risk analysis for SoD, identifying areas of vulnerability and driving the implementation of appropriate mitigation measures with the OPCOs.
Support the facilitation of self-assessments of SoD compliance within different departments or OPCOs and business units, tracking non-compliance and ensuring timely remediation.

Technology Implementation and Management:

Contribute to the evaluation, selection, and implementation of SoD/IAG technologies and tools that align with organisational requirements.
Support oversight in the integration and utilisation of SoD/IAG technologies, such as identity management and access control systems.
Ensure the proper configuration, integration, maintenance, and monitoring of SoD/ IAG tools and systems.
Collaborate with IT teams and vendors to manage IAG tools and systems lifecycle, including upgrades, patches and enhancements
Support the establishment of presentations to obtain approvals from appropriate internal governance forums, including Architecture, Risk and Compliance, Security, and Technology functions.

Communication and Training:

Support the development and implementation of communication strategies to promote awareness and understanding of SoD/IAG across the organisation.
Contribute to effective communication channels for reporting, escalation, and resolution of SoD/IAG-related issues.
Support training programs and awareness sessions to educate employees on SoD/IAG policies, procedures, and best practices.

Compliance and Audit:

Ensure compliance with relevant internal governance and compliance policies and standards, including Security, Risk and Compliance, and Technology
Ensure compliance with relevant regulations, laws, and industry standards related to SoD/IAG.
Support the remediation of audit findings and drive the implementation of appropriate mitigation measures with the OPCOs.

Performance Monitoring and Reporting:

Contribute to the establishment of key performance indicators (KPIs), key risk indicators (KRIs) and metrics to measure the effectiveness of SoD/IAG initiatives.
Monitor and analyse SoD/IAG performance data, identify trends, and provide actionable insights.
Generate regular reports and support executive summaries to communicate SoD/IAG performance to relevant stakeholders.

Stakeholder Management:

Collaborate with the CoE team and cross-functional teams to ensure alignment and cooperation on SoD/IAG initiatives.
Support management of third-party vendor contracts for SoD/IAM and SoD/IAG-related services, including negotiation and defining deliverables and performance metrics.
Support effective management of stakeholders at various levels within the organisation, resolving issues, addressing concerns, and proactively communicating SoD/IAG initiatives and progress.

Financial Management:

Support effective management of budgets for SoD/IAG initiatives, including cost estimation, financial planning, and expense tracking.

Service Level Agreements (SLAs):

Qualifications
Job Requirements (Education, Experience and Competencies)

Education:

Minimum of 4-year tertiary degree/diploma (Business Analytics, Information Technology, or related field)
Honours advantageous
English, French (an advantage)

Experience:

2-3 years of experience at the Management level in the telecom industry
2-3 years of working experience in managing identity, access governance and segregation of duties in a large organisation, with a strong technical background
A minimum of 5 years’ experience in information security, identity and access governance (including segregation of duties), preferably in the telecom or IT industry
Experience in supporting management and implementation of large-scale identity and access governance projects.
Experience working in Africa and have a grasp of political, social, and infrastructure challenges.
Working experience in the information technology environment of a telecom company
Experience in managing stakeholders and third-party vendors.