Job Openings at Safaricom

Description

We are pleased to announce the subject career opportunity within Technology (M-Pesa Africa) reporting to the Director-Technology (M-Pesa Africa).

Role Description

With 5 direct reports and 6 indirect reports, as the Head of Cyber Security, you will be responsible for:

• Overall planning, supervising, coordinating, advising, and managing all operations related to MPA risks, Audit & Reviews (Internal and External)
• Managing all the intergroup or inter-company functions related to Technology security
• Planning and execution of the company and Group strategy, budgets, and deliverables, specifically related to Cybersecurity
• Overall compliance & governance management of the MPA Technology environment, with a core focus on technology and the related processes and procedures
• Improvement of the Cybersecurity posture of the company through several initiatives, including but not limited to Cyber Security Baselines

Key Role Responsibilities

Impact on the business

• Coordinate delivery and assessment of cybersecurity baselines (CSBs) across all MPA relevant business areas and processes
• Design effectively and efficiently implement Cyber Security controls and requirements across MPA environments
• Own demand planning and forecasting for Technology security, for all systems, services, and processes within the portfolio, working together with vendors and internal customers
• Ensure all M-Pesa and third-party systems’ products, services and projects are compliant with the MPA minimum security requirements and Cyber Security Baselines (CSBs)
• Responsible for the set-up, execution, and maintenance of the security incident management and coordination process in conjunction with incident management capabilities
• Management of the vulnerability scanning, patching, and penetration tests and tracking resolution of vulnerabilities and patches in MPA systems, per the relevant MPA security policies
• Coordinate all internal and external audits around Technology systems and processes, ensure these systems are free from known Technology audit findings and ensure all audit findings in these systems are closed within agreed timelines
• Perform risk assessments across Technology areas, provide risk reports (including risk management committee reports and audit committee reports) to management as and when requested.

Customers, supplier, and third parties

• Ensure compliance with Legal, Regulatory and key stakeholders’ requirements across the Technology domains
• Responsible for monitoring of compliance of the Cybersecurity managed services contract, to ensure it is within agreed SLA
• Responsible for validation, timely completion, and accuracy of Technology audit checklists and user access rights reviews
• Coordination of analytical processes and incident response measures
• Ensure proper implementation, projects and change management processes compliance for all planned and emergency changes in Technology systems

Leadership, Planning and Human Resource Management

• Manage all the Cybersecurity budgets and planning, in alignment with the company and Group strategy
• Manage the Cybersecurity subordinate resources (FTEs and contractors) for their tasks/job descriptions effective implementations
• Skills development within the Cybersecurity department
• Performance Management of the Cybersecurity team
• Provide input to Security Policies and requirements on Technology security methods and technologies
• Implement and measure compliance with the MPA cyber code across all users
• Provide regular and accurate management reporting on Cybersecurity service performance
• Build and manage relationships with key stakeholders to disseminate information and drive mitigating actions

Innovation and change

• Manage the Security and Privacy by Design Assurance (SPDA) processes of the GDPR and business requirements
• Continually assess and review security policies and controls, to support business requirements and changing security landscapes
• Drive continuous improvement through simplification of key cybersecurity processes
• Set-up of analytics framework and tools

Communication

• Work closely with the projects management team to ensure secure development of software codes and products is adhered and maintained throughout the software development life cycle
• Drive internal and third-party service review meetings covering performance, service improvements, quality and processes
• Make recommendations for Cybersecurity Service Improvement Plans and ensure actions are followed through to completion in a timely manner
• Perform information security awareness and training to all MPA users and third-party vendors, and monitor the effectiveness of the awareness and training
• Driving incident planned and emergency communication processes to both internal and external audience

Qualifications

Apply if you have:

• Bachelor of Science Degree in Telecommunications, Information/Cyber Security, Information technology or Computer Science
• Security certifications (CEH, GCIA, CISM, CISA or equivalent)
• MSc or MBA and CISSP will be an added advantage
• Minimum of over 7 years’ experience in Technology and Network Systems security and atleast five years in the Cyber security field
• Demonstrated understanding and application of the Technology security internationally recognized frameworks, such as ISO27001
• Experience with budgeting for Cyber Security unit

We are happy if you have:

• Experience from the Banking Industry
• Good business acumen
• Project Management skills
• Leadership skills
• High-level negotiation skills

What you can expect from us:

• We believe in a fair and robust interview process
• We have a robust flexible total reward scheme
• Dedicated support and mentoring/coaching
• Opportunity to develop and progress – plus a solid dedication to work-life integration. It all means you’ll have everything you need to advance your career and achieve your full potential.

go to method of application »

Description

We are pleased to announce the following vacancy in the Digital IT Department within the Technology Division. In keeping with our current business needs, we are looking for a person who meets the criteria indicated below:

Brief Description

Reporting to the Manager - Enterprise Systems Planning & Delivery, Channels Solutions, the role holder will be responsible for development and 3rd line support of the Oracle Enterprise Resource Planning (ERP) application, Oracle Point of Service and bespoke oracle interfaces and software components. He or she will work with other departments within the company to identify requirements and develop solutions (database design, workflows, user/data interfaces). The role holder will also configure and/or customize Oracle ERP applications to meet business requirements using various database and software tools, assist in presentations of system functionality to new users and departments and enhance and create user and system documentation as needed.

Key Responsibilities

• Review and provide input on design approach, performance and base functionality. Ensure integration of designs across development team and design, build & test ERP components e.g. interface, conversion and report programs;
• Appropriately monitor interfaces to oracle ERP. Provide training and support on oracle ERP modules and development tools, review & interpret technical manuals for the Oracle ERP system and assist in creating/update Oracle TAR’s;
• Ensures the effectiveness of overall systems performance;
• Design and develop front-end tier(s), middle tier(s), and /or back-end database tier(s) for business applications;
• Participate in the capturing of business applications information needs and mapping of the same to the software and /or database components;
• Perform data modeling to analyze and specify data structures within an application system;
• Support new and existing application development by creating modifications and enhancements for Oracle ERP applications and perform high level system design;
• Conduct business user requirements analysis and specification;
• Specify computer system requirements for the solution of complex business problems and formulates designs for their solutions;
• Perform the necessary technical design and development functionality to ensure that business application systems can be effectively developed and implemented;
• Interact with clients to gather and refine requirements;
• Create test plans, test data sets and perform automated testing to ensure all components of the developed systems meet specifications;
• Work directly with the IT support personnel and teams to resolve issues identified and escalated during daily operations;
• Perform root cause analysis for recurring incidents;
• Formalize test plans and implement troubleshooting procedures.

Qualifications

• Degree in Computer Science or technical related field;
• Certification in Database systems and RDBMS systems, OCA, OCP or ODI certifications;
• 3 years of work experience in Oracle ERP applications development, which includes system customization and report designs;
• Conversant with OAF development
• 3 years of development experience with Microsoft development tools e.g. Java, VB, Fox Pro, Visual FoxPro;
• 3 years of development experience with low level programming C++, C;
• 3 years of work experience with RDMS preferably MS SQL Server, Oracle, Sybase, and Informix;
• Experience in data warehousing, business analysis, knowledge in Business Systems modeling and data retrieval
• 4GL for programming – Visual Basic/Oracle Application builder;
• Unix user skills;
• Experience in processes and procedures management;
• Communication and interpersonal skills;
• Attention to detail;
• Analytical Skills;
• Leadership skills.