Job Summary

• Responsible for conducting Technology, Security and Network Audit projects and consulting services relating to governance and risk identification for both MTN management and staff towards reviewing the goals, objectives and impact of a variety of economic, financial, operational and managerial programs in conformance with company policy and procedures, Group Internal Audit methodologies and IIA standards of professional practice.
• Also perform information systems audit concentrating on the high-risk areas of MTN Ghana’s IT and Telecom Infrastructure by identifying key weaknesses in the design and operating effectiveness of controls and providing recommendations to address issues highlighted.

Context:

MTN is entering a new phase in its lifecycle where operational and commercial excellence has become critical for success. The urgency for change has become more heightened amidst increased competitive intensity across all markets in which MTN operates. The Internal Audit – Technology, Security and Network Audit sub-function must therefore ensure successful delivery in the context of:

• Diversifying telco-to-techno landscape
• Evolving industry ecosystems
• Shifting Audit landscapes
• Evolution of Audit approaches to include multiple lines of defence.
• Constant dynamic risk challenges faced.
• Management of demanding customer and
• King IV Corporate Governance Principle.
• Dynamic and highly competitive telecommunication & ICT industry
• Highly regulated, performance driven environment and diverse cultural environment
• Companywide accessing processes and functions across all divisions.
• Shared Services Hub (SSH) Operating Model, Outsourced IT and Telecom services
• Cloud services, virtualization, complex networks and technologies

Internal Audit (IA) and Combined Assurance (CA) Methodologies, BRM Frameworks, Policies, Processes and Procedures.

Key Tasks:

• Create a holistic picture of each project to provide context for the findings, and implement procedures as required to perform Technology, Security and Networks audits.
• Manage expertise and resource planning and requirements for Technology, Security and Networks Audit assignments, special assignments and management requests.
• Manage the audit assignments’ progress and escalate any roadblocks to completion to the Senior Manager for intervention and resolution.
• Ensure that IA methodology as prescribed by Group Internal Audit is strictly adhered to, including identifying and defining issues, developing criteria, reviewing and analysing evidence, and documenting Technology, Security and Networks processes and procedures.
• Implement the audit program, recognise control weaknesses, assess the materiality of these weaknesses, and relate them back to the scope and objectives of the audit.
• Review the audit programs to ensure the appropriate testing mechanisms.
• Conduct interviews, review documents, develop and administer audit surveys, compose summary memos, and prepare working papers, identify, develop, and document audit issues and recommendations for improvement, as guided by Senior Manager, IT Audit.
• Develop recommendations for bringing programs and operations into compliance with goals and objectives and write up reports to document findings.
• Perform control adequacy and effectiveness reviews of business processes. Communicate the results, findings and recommendations of audit projects through written reports and face-to-face presentations on a timely basis.
• Ensure that the audit is carried out on the eGRC system in line with process and methodology as mandated by the Group Internal Audit and Forensics function Follow up on the implementation of audit recommendations in a timely manner.
• Interact with staff, Audit Managers, General Managers, IAF consultants, and when necessary, with Executive Management to obtain and/or communicate relevant information to achieve the objective/s of the Technology, Security and Networks Audit function.
• Perform technical, information security and IT general controls audit of existing and planned technology systems/infrastructure including but not limited to network devices, operating systems, databases and other applications deployed in MTN Ghana.
• Evaluate efficiency, effectiveness and compliance of systems and supporting operational processes with corporate information security policies, procedures, standards and guidelines.
• Co-ordinate and supervise the conduct of risk-based audits to ensure coverage of high-risk areas of MTN Ghana’s operations whilst balancing the risk and cost of control.
• Serve as an internal consultant to management and staff on internal control and operational issues.
• Maintain all MTN and professional ethical standards and ensure internal audit activities are carried out in compliance with The International Standards for the Professional Practice of Internal Auditing (Standards) and IIA Code of Ethics
• Support the Senior Manager: IT Audit in coordinating with the External Auditors where needed and facilitate their fieldwork within MTN

Qualification Required & Experience

Job Requirements (Education, Experience and Competencies)

Education:

• Minimum of a Degree in Accounting/Information Systems/Computer Science and/or
• Certified Information Systems Security Professional (CISSP) – a plus
• Certified Information System Manager- a plus
• Certified Information Systems Auditor (CISA) a plus
• Chartered Accountant/CIA in related field (i.e. Audit) a plus
• Network, operating system and database certifications.

Experience:

• Minimum five (5) years’ experience in information security and/or information systems audit
• Analytical skills and proficient in the use of ACL, IDEA and other CAATS
• Knowledge in SQL and programming/scripting skills
• Knowledge in Data Analytics and Power BI
• Experience in penetration testing.
• Experience in risk management, governance, security and compliance.
• Understanding of complex IP/MPLS networks and technologies
• General understanding of telecoms and regulatory environment

Professional/Technical competencies:

• Knowledge of accounting principles, practices techniques and theories of financial reporting and internal controls
• Auditing standards, practices and techniques
• Computer application used in auditing and data processing.
• Ability to interpret information and understand underlying commercial drivers of performance of Telecom industry.
• Ability to plan, implement and maintain a comprehensive audit program and audit activities.
• Analyze, evaluate and resolve basic internal control problems.
• Ability to identify information security vulnerabilities and technical controls standards for networks, operating systems and databases
• Strong investigations skills – preferably in the context of Technology
• Project Management

Skills / physical competencies:

• Ability to manage self and be a team player, good conflict management, take and manage accountability.
• Energy & Drive – Innovative, takes initiative, result oriented and develops self consistently.
• Interpersonal Skills – Leadership, customer centricity, collaborative and coaches & develops direct reports.
• Personal Skills – Trustworthy, integrity and ethical in dealings
• Operating Skills – Ability to focus on priorities and plans, shares knowledge effectively.
• Organisational Positioning Skills – Good written and verbal communication, presentation skills, commitment to the organization
• Strategic Skills – Global thinker, Analytical thinking and Problem-solving abilities.

Behavioural qualities:

Must live the MTN Values of

• Lead with Care, Collaborate with Agility, Serve with Respect, Can Do with Integrity, Act with Inclusion

General working conditions

• Anywhere/Anytime work/ Ability to manage self/Personal accountability.

Location: Accra

How To Apply For The Job

Qualified Applicants should indicate Ref number: MTN-IA&F001-2024 as the email subject and ensure that CVs are saved in their names.

Qualified Applicants should send their Curriculum Vitae by 26th July 2024 to:

[email protected]

Applicants should have served at least twelve (12) months or more in their current role with Scancom PLC. Applicants should also make their managers aware that they are applying for the position.

Closing Date: 26 July, 2024

Only shortlisted applicants will be contacted.