Senior Specialist: Risk and Compliance
Support the design and development of global Business Roles & Responsibilities ensuring alignment in approach and standards across all functional processes for Finance, GSSC, EAM, EPM and HR. Ensures the seamless integration of cross functional Delegation of Authority and leverage leading practice insights across MTN.
Manages the development, implementation, monitoring and remediation of standard Roles, Segregation of Duties and Delegation of Authority across end-to-end Business Processes to be delivered across the Boost platform, Centers of Excellence and the Operating Companies within the scope of the Boost project or the Information Security Marshall Plan.
Works closely with the Functional Process Owners to ensure that the defined Roles and Responsibilities are in-line with the relative Job profiles performing those functions.
To provide Access analysis services to enable continuous business improvements and operational effectiveness and excellence
The Senior Specialist: Risk & Compliance will be accountable to achieve the following objectives:
Responsibilities (Live Production Environment)
Implement Changes in Responsibilities in Production resulting from the Employees in the OPCO’s Position being initiated, terminated or amended.
Constant interaction with HR Business Partners to ensure changes to Roles and Responsibilities are made timeously.
Facilitate Creation of New Responsibilities and Amendment of Existing Responsibilities.
Collaborate with GRC to ensure Segregation of Duties is being maintained and relevant access is being assigned.
Facilitate changes in Delegation of Authority
Management of Role and Responsibility Remedy Tickets within SLA.
Collaborate with security in ensuring Logical access is relevant and applicable.
Review Changes in Responsibilities to ensure that Role Design Standards are enforced
Responsibility (Release Environment)
Works with the Group Application Support functional teams to support the business by analysing, allocating and testing of new privileges deployed through the release management process.
Maintaining role definition documentation post release updates
Preparation of OPCO specific auto-allocation rules to ensure new functionality becomes available post impact and risk assessment
- Minimum of 3-year tertiary degree / diploma / Certification
- CISM/CISSP advantageous Relevant certification / accreditation / membership with professional body as required for role
- Fluent in English
- 3 – 5 years work experience in Risk & Compliance
- Experience in Information Security and Logical Access preferred
- Experience with Governance and/or Compliance Frameworks, like CoBiT, ISO 27001 advantageous
- Understanding of Access and Identity Management concepts
Demonstrated business analysis and project management skills required
A good understanding of IT logic and concepts
Excellent oral and written communication skills