Position: Senior Specialist, IP Network Security

Level: MTN Level 3

Function: Network Group

Department: IP Networks

Location: Accra

Reports to: Senior Manager, IP Networks

Job Summary:

To lead the design, administration, and operational management of MTN Ghana’s IP network security infrastructure, ensuring end-to-end protection of the network infrastructure and services. The role is pivotal in securing Internet-facing network security platforms and systems, data centre network environment, and the MTN corporate network infrastructure through robust design, risk management, and proactive security operations monitoring.

Job Context

• Dynamic and highly competitive technology & ICT industry
• Evolving technology era
• Multi regulated environment
• Environmental, social and governance prioritized
• Regionalization structure implication
• Multinational environment – Technology Group best practices
• Continuous Infrastructural expansion
• Performance driven and agile environment
• Diverse cultural environment
• Partnerships

Job Role

Network Security Design & Engineering

Responsible for the design and implementation of the end-to-end IP network security of environments covering:

• High-Capacity, Perimeter and Data Centre Security firewalls
• Intrusion Detection/Prevention Systems (IDS/IPS) and Unified Threat Management Systems (UTMS)
• Anti-DDoS solutions
• WAF (Web Application Firewalls) and Load Balancers systems
• Software-Defined Perimeter (SDP) and Zero-Trust Systems
• Cisco ACI (DC SDN) Solutions and Micro-Segmentation
• IP Log Management Systems (IPLMS)
• Security review of solutions and systems to be deployed on the IP network

Security Operations & Administration

• Manage and monitor day-to-day performance and compliance of network security systems
• Implement security policies and best practices across IP-Core, IPRAN, Internet gateways, and the MTN corporate network
• Conduct regular system reviews and IP network security audits
• Serve as the SPOC for internal, external and regulatory (e.g., ISO 27001, NCA) security audits
• Escalate network and firewall security incidents as defined in the MTN Information Security Incident Management Processes
• Ensure the security of the MTN corporate network infrastructure

Risk & Vulnerability Management

• Work with the relevant stakeholders to identify vulnerabilities and coordinate timely remediation
• Conduct risk assessments, impact analyses, and root cause reviews
• Assist to maintain and update network defence playbooks and controls to prevent, detect, and respond to threats
• Ensure logging and threat intelligence integrations with IP Log Management and SIEM systems

• IPv6 Security

Design and implement security mechanisms specific to IPv6 environments, including:

• Filtering and traffic inspection
• Addressing vulnerabilities unique to IPv6 (e.g., RA flooding, rogue DHCPv6)
• Secure tunnelling and transition mechanisms (e.g., 6to4, Teredo)
• End-to-end policy enforcement on dual-stack environments

Vendor & Stakeholder Engagement

• Build trusted relationships with equipment vendors (Cisco, Huawei, Palo Alto, Fortinet, Appgate, etc.) and solution providers
• Work with internal and external stakeholders to align to MTN Group security standards
• Collaborate with other departments (IT, Enterprise Services, Legal, Risk, Customer Experience) on compliance and incident management

Innovation & Security Posture Improvement

• Monitor global trends, regulatory updates, and emerging threats to continuously improve MTN Ghana’s network security posture
• Champion initiatives that protect and enhance the security reputation of MTN Ghana’s IP resources in the public and enterprise domain
• Drive automation of routine operations, vulnerability scanning, and reporting

Education

• Minimum of a BSc. Computer Science, Telecommunications, Electrical Engineering, or related field
• Must be Security+, Certified Information Systems Security Professional (CISSP)
• Preferred Certifications include CCNP Security/CCIE Security, Palo Alto PCNSE, Fortinet NSE4/NSE7, CEH, CISSP, or GIAC (GCIH/GCIA), ITIL/ISO 27001 Lead Implementer (advantageous)

Experience

• A minimum of six (6) years of hands-on experience in IP networks and security architecture
• At least 3 years of which must have been at a technology/telecoms company in the IP Network Security field
• Proven expertise in managing SRv6/MPLS/IP-Core networks, and secure Data Centre environments
• Strong grasp of IPv6 technologies and associated security frameworks
• Experience with security operations, audits, and incident management
• Must also be able to review existing security solution and network designs.

Knowledge

• In-depth knowledge of TCP/IP, IPv4/IPv6, IP routing (BGP, IS-IS, OSPF), subnetting, NAT, and switching.
• Hands-on experience with IP network design, including SRv6, MPLS, VRFs, VLANs, and overlay networks.
• In-depth knowledge of configuration and management of provider-grade firewalls.
• Proficiency in security solutions design, segmentation, VPNs (IPSec, SSL).
• An expert in threat and vulnerability assessment, remediation planning and vulnerability lifecycle tracking.
• Knowledge of network behavior analysis, signature-based detection, anomaly detection, and incident response.
• Understanding of zero-trust models, threat modeling, and kill chains.
• Experience with Security Information and Event Management (SIEM) tools.
• Secure deployment of IPv6 (RA Guard, DHCPv6 filtering, IPsec for IPv6).
• Security in data center network infrastructure, cloud-native and hybrid environments (e.g., AWS, Azure, GCP).
• Familiarity with standards such as ISO 27001, NIST CSF, MITRE ATT&CK, and CIS Controls.
• Project Management skills.

Must live the MTN Values of

• Lead with Care, Collaborate with Agility, Serve with Respect, Can Do with Integrity, Act with Inclusion, COS

Must exhibit the MTN Vital Behaviors of

• Complete Candor, Complete Accountability, Active Collaboration & Get it done.

• Qualified applicants should indicate Vacancy Ref no: MTN-NWGIPSS252 as the email subject and ensure that CVs are saved in their names. Applications without the subject and CVs saved in their names will automatically be disqualified.
• Interested and qualified applicants should send their Curriculum Vitae by 23rd May 2025 to: [email protected]
• Only shortlisted applicants will be contacted.