We’re recruiting for the position of Specialist: Cyber Security (Networks). The purpose of this position will be to lead the development and implementation of advanced cyber security capabilities and controls across mobile, fixed, satellite, cloud, and IoT networks to protect against evolving threats. The Cyber security Specialist will iInitially focus on enterprise environments across all Group markets, driving key security initiatives for Enterprise Customer Premise Equipment, IP Core Networks, Network Management Systems, Office Connectivity, Monitoring and Analytics, as well as Measurement and Assurance. This will include establishing and maintaining sustainable processes to ensure secure configurations and compliance with ISO27001 and NIST standards; overseeing risk assessments, stakeholder engagement, and project delivery in alignment with regulatory requirements; and providing leadership and mentorship to junior team members, fostering innovation and ensuring effective execution of security controls.
Duties and Responsibilities:
- Supporting security implementation by driving the design and execution of cyber security implementations for mobile, fixed, satellite, cloud and Internet of Things (IoT) networks, ensuring resilience against sophisticated threats
- Supporting workstream delivery by managing end-to-end delivery of key security initiatives for enterprise domains including enterprise customer premises equipment (CPE), core network, network management systems, office connectivity, cyber security controls, monitoring and analytics, and measurement and assurance, covering scope definition, design, deployment and performance review to prevent lateral attack movement
- Supporting cyber risk and compliance by conducting targeted risk assessments and applying security controls to address vulnerabilities across network infrastructure, maintaining compliance with International Organisation for Standardisation (ISO) 27001, National Institute of Standards and Technology (NIST) and applicable regulatory frameworks
- Enhancing monitoring and assurance by implementing sustainable processes for near real-time threat detection and continuous security posture assessment, integrating monitoring tools such as security information and event management (SIEM) and NetFlow, and ensuring second-line assurance to validate control effectiveness
- Achieving 95% compliance with cyber security network control requirements for hardening and customer premises equipment (CPE)
- Ensuring 100% of managed customer premises equipment (CPE), provider edge (PE) devices and core network equipment are patched, hardened and compliant with cyber security tool standards, as validated by quarterly security audits
- Improving real-time detection of network attacks by achieving a 90% success rate in identifying and containing threats through enhanced security information and event management (SIEM) and NetFlow-based monitoring
- Achieving 90% accuracy in first-line security posture measurements and second-line assurance validations for network devices, as reported through updated hardening key risk indicator (KRI) reporting processes
Minimum Requirements:
- Matric and a three-year degree or relevant tertiary qualification in Information Technology
- More than 5 years of experience in a cyber security role meeting business deliverables for enterprise and Internet Protocol (IP) networks
- Strong understanding of cyber risk management and security frameworks such as National Institute of Standards and Technology (NIST), International Organisation for Standardisation (ISO) 27001 and Centre for Internet Security (CIS) Controls
- Strong knowledge of enterprise and fixed networks
- Excellent problem-solving skills with the ability to identify and analyse complex issues
- Strong communication skills, both written and verbal
- Ability to work collaboratively with cross-functional teams and stakeholders
- Strong leadership skills with the ability to lead and manage teams effectively
- Strong organisational skills with the ability to manage multiple tasks and priorities
- Ability to think strategically and drive change
- Ability to build and manage highly motivated and innovative technical and extended teams
- An industry certification such as ISO 27001 Lead Practitioner, Cisco Certified Internetwork Expert (CCIE) Security, Certified Cloud Security Professional (CCSP), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) is strongly preferred