Cyber Defence Operations Manager
Cyber Defence Operations (CDO) is Vodacom Tanzania’s Cyber Defence Operations Centre of Excellence.
CDO’s mission is to protect Vodacom customers against cyber risks. CDO is specifically accountable for delivering:
- Cyber Defence operational leadership within Vodacom Tanzania.
- Cyber Defence operational capabilities to Vodacom Tanzania, to enhance Vodacom’s cyber defence posture and reduce its cyber risks.
The purpose of this role is to provide the Vodacom Tanzania element of the Cyber Defence Operations (CDO) ‘follow the sun’ security incident management operational model. This role is responsible for picking up security incidents, managing and coordinating them to resolution. This includes management of; incident analytics and triage, response and mitigation activities, and the coordination between the various involved parties for service restoration and root cause investigations. This includes as well vulnerabilities identified in the Vodacom systems, through various sources such as tools scanning and external sources
Key accountabilities and decision ownership:
Impact on the business
Responsible for the set-up, execution and maintenance of the security incident management and coordination process in conjunction with incident management capabilities
Support the global implementation of Vodafone’s and Vodacom Group cyber incident management operating model, frameworks, processes and tools.
Management of the vulnerability scanning, patching and penetration tests and tracking resolution of vulnerabilities and patches in Vodacom systems, per the relevant Vodacom security policies
Continuously monitor Vodacom systems for security incidents, threats and malware that may happen and perform investigation
Coordinate all internal and external audits around Technology systems and processes, ensure these systems are free from known Technology audit findings and ensure all audit findings in these systems are closed within agreed timelines
Perform risk assessments across Technology areas, provide risk reports (including risk management committee reports and audit committee reports) to management as and when requested
Customers, supplier and third parties
Managing the incident processes between all relevant parties (Vodafone, Operating Companies, Suppliers, etc.)
Coordination of analytical processes and incident response measures
Act as a Vodacom Tanzania cyber incident management expert, using his/her personal experience and judgment to quickly determine the right treatment of cyber events and incidents.
Co-ordinate the technical & non-technical responses to live cyber events and incidents across resolver teams.
Leadership and teamwork
Functional lead for managed incident handling as well as underlying processes and tools
Contribute to the overall performance and success of the Cyber Defence Operations
Team up with other teams, departments and customers for problem and incident resolution
Build and manage relationships with key stakeholders to disseminate information and drive mitigating actions.
Work with other cyber teams to identify significant threats/actors posing a potential risk to Vodacom.
Innovation and change
Set-up of analytics framework and tools
Taking ownership for incident management processes
Drive and improve incident management capabilities
Strong communication skills in order to drive the various operationally required incident communication processes with the Cyber Defence Operations environment towards Vodacom and non-Vodacom staff, internal and external customers as well as partners and suppliers
Managing the incident process communication and provisioning of appropriate technical media (e.g. on demand conference call lines)
Driving incident emergency communication processes
Provide oral and written reporting and analytics on all cyber security incidents.
Be included in our out of hours on call schedules, providing 24/7 support.
Coordinate the information security awareness and trainings to all users, and monitor effectiveness of the awareness and trainings
Responsible for clear, accurate and punctual communications to internal stakeholders and customer facing teams
Responsible for chairing and driving Management and/or Technical conference calls and discussions, and escalations, up to Director level
Perform any other task that may be assigned to him/her from Cyber Security management
Core competencies, knowledge and experience
Must have technical / professional qualifications:
Bachelor of Science Degree in Telecommunications, Information/Cyber Security, Information technology or Computer Science
Security certifications (CEH, GCIA, CISM, CISA, CISSP or equivalent)
Minimum of three years’ experience in Technology Systems security and/or Cyber security field
Advanced knowledge of mobile telecommunications network architectures, IT systems, networks and applications.
Experience in Penetration Testing / Ethical Hacking
Experience in Databases and servers management
Experience in Networking
Experience in Web Applications
Experience in scripting and programming languages
Experience in working on international projects
A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills
Good communication skills
Excellent interpersonal skills;
High level negotiation skills;
Extensive computer user knowledge and skills essential; in Word, Power point and Excel
Strong analytical skills;
Excellent planning and organizing skills.
Good business acumen
Project Management skills
Conflict resolution skills
Ability to work independently and under pressure.
Strategic orientation balanced with operational imperatives
Ability to deal with issues of a complex nature
Ability to work under constant and changing pressure.
Action Orientation and high energy level
Job Type : Full-time
Employment Type : Permanent
Closing Date : 11-Jun-19, 8:59:00 PM