As one of the top employers in the country, Jazz epitomizes the philosophy that each Jazz employee is passionately living a better every day, inspired and enabled by visionary leadership, a unique professional culture, a flourishing lifestyle, and continuous learning and development.
Our team & you
To continue and change the lives of our 55 million customers. We’re a world-class organization and have assembled the right team to begin scaling aggressively. This is an opportunity for someone who wants to be part of something big and transformative, someone who will play a critical role in driving our success.
What will the first 30-60-90 days in the job look like?
-Within 30 days, you will:
· Attend and graduate from our company-wide onboarding process, along with a detailed orientation program where you will learn Jazz’s values, business, and products
· Meet relevant internal and external stakeholders, e.g. vendors and principals, BSS-IT, network EDN, IT helpdesk & Information Security Governance teams
· Develop an understanding of the existing infrastructure and network design architecture
· Develop an understanding of the PO/PR process, contract management, and service level and operational level agreements
· Develop an understanding of existing IT security policies and procedures
-Within 60 days, you will:
· Establish good relationships with relevant stakeholders, e.g. BSS-IT, network EDN, IT helpdesk & Information Security Governance teams
· Prepare a gap analysis report: identify areas of improvement, and validate existing processes and procedures against industry best practices and standards to enhance security levels
· Share a high-level plan: the Information Security roadmap and a plan to mitigate identified risks in the minimum possible time
· Align with the Information Security Governance teams (Jazz and Veon)
-Within 90 days and onwards, you will:
· Share a low-level design for enhancing customer information/data security
· Manage routine IT security operations
· BYOD: Plan and roll out BYOD before December, 17 in close coordination with internal stakeholders, and devise a proper communication plan with the corporate communication team for a successful rollout.
· APT: Nationwide implementation and rollout of an Advanced Persistent Threat protection solution
· Network Hardening: End-to-end planning to strengthen and enhance network security in order to protect customer information from internal and external threats.
What we have done and what we will do with YOU
Over the last year, Jazz has been a huge success story in terms of business transformation. We were market leaders and we still are market leaders, but now by huge margins, especially after the successful merger of Jazz and Warid.
A bit about you:
We are looking for someone who has already delivered challenging projects and has taken end-to-end responsibility, from planning to execution, for information security solutions in a complex network environment, preferably in the Telco industry.
We are looking for someone who can lead the team providing proactive 24x7 monitoring of the information environment to detect, analyze, track and mitigate external threats; who can oversee and direct the security team on how and what to monitor across end-user computing, networks and systems; and who can ensure compliance with processes and procedures, interaction and escalation with third parties, alignment to emerging threats and incident trends, and case handling through remediation.
We are looking for someone who has a strong understanding of information security solutions and their roadmap, with experience in conducting gap analysis exercises to identify areas of improvement and potential threats in the existing environment, and who can plan and execute the recommendations identified in the gap analysis report to mitigate potential and identified threats.
A bit about us:
The Devices & IoT team is part of the Pricing & Propositions Department within Marketing. The team is responsible for managing the MBB, handsets and IoT devices portfolio at Jazz.
The structure of the team you will join is:
· A 06-member team (including the department stream head) with 04 sub-teams
· You will be part of a 5-member team reporting to a department stream head
The two (02) main priorities of the team as a whole are:
· IT Infrastructure Operations, including servers, storage, datacentre facility, backups and database operations
· IT helpdesk & Information Security Operations
The three (03) must-have past experiences the best candidate should have:
· Project execution and rollout planning
· 5+ years Cyber Security Incident handling, threat detection and attack Analysis in a large mission-critical environment.
· Vendor and contract management
The two (02) must-have technologies the candidate should have:
· Industry standard information security and incident response certifications (CISA, CISM, CISSP, etc.) are a plus.
· Knowledge of IT control frameworks such as COBIT, NIST, ITIL and ISO 27001 is preferred.
Essential must-have skills:
· Provide oversight of analysis activities and direct the activities of the team to ensure effective resolution.
· Contribute to the development of Attack Analysis standard operating procedures to ensure that they stay current and effective.
· Correlate activity across networks to identify trends of unauthorized use
· Review alerts and data from sensors and document formal, technical incident reports
· Research emerging threats and vulnerabilities to aid in the identification of network incidents
· Deliver assessments to senior leadership and recommend course of action to be undertaken.
· Manage and improve information security documentation as required.
· Help analyse findings in investigative matters, and develop fact-based reports of events over a period.
· In-depth knowledge of network intrusion methods, network containment and segregation techniques
· In-depth knowledge of operating systems (Windows & UNIX, Mac OS X a plus)
· Expert understanding of TCP/IP networking, routing protocols and full packet capture analysis
· In-depth network security expertise including firewall, IDS and IPS
· Experience building baselines of network activity for use in anomaly detection
· Experience with proactive threat hunting techniques and concepts in an enterprise environment.
· Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
· Experience leading large teams in global corporations (preferably in Telco)
· Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
· Ensure compliance with SLAs, process adherence and process improvisation to achieve operational objectives
· Revise and develop processes to strengthen the current Security Operations Framework, review policies and highlight the challenges in managing SLAs
· Responsible for team & vendor management, overall use of resources and initiation of corrective action where required for Security Operations Centre
· Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring
· Responsible for integration of standard and non-standard logs in SIEM
· Creation of reports, dashboards and metrics for SOC operations, and presentation to senior management
· Co-ordination with stakeholders, build and maintain positive working relationships with them
· Ability to coordinate, work with and gain the trust of business stakeholders, technical resources, and third-party vendors.
· Able to work under pressure in time critical situations.
· Strong attention to detail in conducting forensic analysis combined with an ability to record documentation in support of the investigation.
· Detailed knowledge of current international best practices in the incident response arena.
· Ability to communicate effectively with business representatives in explaining impacts and strategies and, where necessary, in layman's terms.