Manager - Cyber Security Prevent

**Role purpose**:
The Manager - Cybersecurity Prevent will coordinate the team, tools, processes and operations of the Cyber Security Prevent Team responsible for managing, optimizing and deploying Cybersecurity solutions and capabilities to safeguard the information assets and reduce the Cybersecurity risk for M-Pesa Africa and its customers. The role holder will also coordinate the cyber relations with all the markets where M-Pesa Africa operates and act as a liaison with the Technology Operations team.

**Your responsibilities will include**:
**Reporting to the Head of Cyber Security (MPA), as the Manager - Cyber Security Prevent, you will be responsible for**:
Leading, inspiring, and managing the Cyber Prevent team
Maintenance and support of all the cybersecurity systems including (but not limited to) Firewalls, WAF, Antivirus, Network and Host IDS/IPS.
Managing the entire Cybersecurity Opex Budget
Liaison and lead collaboration with the respective Cyber teams in the various Markets M-Pesa Africa operates
Acting as the Cyber SPOC for the Technology Operations team
Driving the Patch and Vulnerability Management Program to reduce our risk exposure
Troubleshoot and remediate Level 1/2/3 issues impacting Cybersecurity operations
Facilitate implementation, management and optimization of Cyber Security policies, standards and procedures
Ensure adequate OPEX budget, resource and management focus is on cyber security risks
Manage the different Cybersecurity Audits and reviews
Implement actions to close MPA risks, Audit & Reviews (Internal and External)
Improvement of the Cyber security posture of the company through several initiatives, including but not limited to Cyber Security Baselines.

**Impact on the business**
Coordinate optimization of the Operational & Monitoring cyber security baselines (CSB) controls across all MPA-relevant business areas and processes
Optimize and maintain Cyber Security controls and requirements across MPA environments
Ensure all M-Pesa and third-party systems’ products, services and projects are compliant to the MPA minimum security requirements and Cyber Security Baselines (CSBs)
Responsible for the set-up, execution and maintenance of the security incident management and coordination process in conjunction with incident management capabilities
Management of the vulnerability scanning, patching and penetration tests and tracking resolution of vulnerabilities and patches in MPA systems, per the relevant MPA security policies
Support all internal and external audits around Technology systems and processes, ensure these systems are free from known Technology audit findings and ensure all audit findings in these systems are closed within agreed timelines

**Customers, supplier and third parties**
Ensure compliance with Legal, Regulatory and key stakeholders’ requirements across the Technology domains
Responsible for monitoring of compliance of the Cyber security managed services contract, to ensure it is within agreed SLA
Support for validation, timely completion and accuracy of Technology audit checklists and user access rights reviews
Coordination of analytical processes and incident response measures
Ensure proper implementation and change management processes compliance for all planned and emergency changes in Technology systems

**Leadership, Planning and Human Resource Management**:
Manage all the Cyber security OPEX budgets and planning, in alignment with the company and Group strategy
Manage the Cyber security subordinate resources (FTEs and contractors) for their tasks/job descriptions effective implementations
Skills development within Cyber security department
Performance Management of the Cyber security team
Provide input to Security Policies and requirements on Technology security methods and technologies
Support Implementation and enforcement of the MPA cyber code across all users
Provide regular and accurate management reporting on Cyber security service performance

**Innovation and change**
Maintain the Security and Privacy by Design Assurance (SPDA) processes of the GDPR and business requirements
Continually review and enforce security policies and controls, to support business requirements and changing security landscapes
Set-up of analytics framework and tools
Drive continuous improvement through simplification of key cyber security processes

**Communication**
Drive internal and third-party service review meetings covering performance, service improvements, quality and processes
Make recommendations for Cyber security service Improvement Plans and ensure actions are followed through to completion in a timely manner
Support information security awareness and training to all MPA users and third-party vendors
Driving incident planned and emergency communication processes to both internal and external audience

**Qualifications**
Degree in Electrical Eng/Computer Science/Information Technology or equivalent Technology-related degree
At least one professional Inf