Background

We at MTN Mobile Money Zambia are a purpose and value-led organization.

At MTN Mobile Money Zambia we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, every day. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood, and empowered to live an inspired life.

Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us. This is what we want you to experience with us!

Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers and stakeholders with a vision to realise our shared goals.

We are delighted that you are considering us as your career partner to make a mark in the world. We look forward to your application!

Mission

To strengthen and safeguard MTN Mobile Money Zambia’s FinTech environment by implementing, monitoring, and enforcing information security policies, standards, and controls, ensuring the confidentiality, integrity, and availability of systems and data across all MoMo platforms.

Responsibilities or duties

• Ensures implementation of technical security standards on FinTech platforms as well as ongoing monitoring and reporting of compliance against the (NIST,ISO27001,BOZ, Data protection);
• Conduct vulnerability assessments and coordinate penetration testing activities
• Facilitates the timeous closure of incidents and vulnerabilities in relation to FinTech platforms;
• Plans and conducts IT risk assessments and maintains an adequate information security risk register;
• Coordinates all IT audits/assessments with internal and external auditors/partners;
• Coordinates with other divisions and departments in both Information Security and projects;
• Acts as the companywide contact and first responder for IT security incident reporting;
• Leads access management, ensuring user account deactivation on all platforms for resigned/terminated staff alongside HR;
• Support ongoing development, implementation, and maintenance of security policies and procedures;
• Maintains responsibility for security monitoring, compliance, and reporting on all IT systems;
• Provides input into the development and implementation of the Information Security Strategy;
• Recognizes problems by identifying abnormalities and reporting violations;
• Implements security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
• Determines security violations and inefficiencies by conducting periodic audits/reviews;
• Manages all security monitoring tools, reporting potential threats and resolving incidents;
• Reviews logs and security exception reports generated by security monitoring tools such as SIEM and EDR, driving the resolution of reported issues.

Qualifications or requirements

• Grade twelve (12) Certificate with 5 credits or better including English and Mathematics:
• BS in Computer Science, Information Management, Cyber Security
• ITIL Foundation/COBIT 5 Foundations
• CySA+, Security+, SSCP, CISA, CRISC, CISM, and CGEIT (advantageous)

Experience needed

• 2-3 years progressive experience in Information Security Operations and/or Governance, Risk and Compliance coupled with exposure to implementing frameworks such as ISO 27001, PCI DSS and NIST and/or
• 1-3 years experience in IT, managing Windows or Linux servers and/or
• 1-3 years Corporate/IT Governance, Risk and Compliance and/or
• 1-3 years of IT Auditing

Other provided details

Behavioural Qualities: Demonstrates proactive ownership and disciplined adherence to information security standards by consistently applying secure practices, identifying risks early, and collaborating with stakeholders to maintain a resilient FinTech environment. Upholds high ethical standards and accountability while ensuring that all actions and decisions reinforce the confidentiality, integrity, and availability of MoMo systems. Shows strong customer‑centric judgement by balancing security requirements with operational needs, and continuously drives a culture of vigilance, compliance, and responsible security behaviour across the organisation.

Candidates are mandated to answer the below on their cover page to the hiring Manager. Values are the core of MTN Zambia’s culture. Our five values called ‘Live Y’ello’ is the force that unites and inspires each one of us to make an impact that matters in the world. So, tell us: Which one of our five Live Y’ello Values resonates most with you and why? (limit 250 words)

• Lead with Care
• Can-do with Integrity
• Collaborate with Agility
• Serve with Respect
• Act with Inclusion

Hand delivered applications will not be accepted.

"For details on how we handle your personal data, please review our Data Privacy Notice for Job Applicants atwww.mtn.zm/data-privacy-notice-job-applicants."

Note: that only shortlisted candidates will be contacted.

• Ensures implementation of technical security standards on FinTech platforms as well as ongoing monitoring and reporting of compliance against the (NIST,ISO27001,BOZ, Data protection);
• Conduct vulnerability assessments and coordinate penetration testing activities
• Facilitates the timeous closure of incidents and vulnerabilities in relation to FinTech platforms;
• Plans and conducts IT risk assessments and maintains an adequate information security risk register;
• Coordinates all IT audits/assessments with internal and external auditors/partners;
• Coordinates with other divisions and departments in both Information Security and projects;
• Acts as the companywide contact and first responder for IT security incident reporting;
• Leads access management, ensuring user account deactivation on all platforms for resigned/terminated staff alongside HR;
• Support ongoing development, implementation, and maintenance of security policies and procedures;
• Maintains responsibility for security monitoring, compliance, and reporting on all IT systems;
• Provides input into the development and implementation of the Information Security Strategy;
• Recognizes problems by identifying abnormalities and reporting violations;
• Implements security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
• Determines security violations and inefficiencies by conducting periodic audits/reviews;
• Manages all security monitoring tools, reporting potential threats and resolving incidents;
• Reviews logs and security exception reports generated by security monitoring tools such as SIEM and EDR, driving the resolution of reported issues.

• NIST
• ISO27001
• BOZ
• Data protection
• Vulnerability assessments
• Penetration testing
• IT risk assessments
• Information security risk register
• IT audits
• Access management
• Security policies and procedures
• Security monitoring
• SIEM
• EDR

• Grade twelve (12) Certificate with 5 credits or better including English and Mathematics
• BS in Computer Science, Information Management, Cyber Security
• ITIL Foundation/COBIT 5 Foundations
• CySA+, Security+, SSCP, CISA, CRISC, CISM, and CGEIT (advantageous)