Responsibilities

The Specialist – Risk and Compliance is responsible across the following below areas: 

Role Management

• Manages that role build/amendments encompass the principles of least privilege access, Segregation of Duties (SoD) and ensure safeguarding of the GT in collaboration with Functional Process Owners
• Manages role master maintenance is performed on a regular basis with global process leads 
• Drive the risk and impact assessment process for solution changes to the roles, process, affected users and potential impacts on defined risks

Access Certifications 

• Performs the planning and execution of access certifications in collaboration with OPCO’s/GPL’s
• Provides regular updates and analysis of access certifications
• Executes the removal of access, as outcome of the certification process

Incident and request management, and coordination and oversight on third-level and fourth-level resolution:

• Resolve incidents and requests raised by the users in a timeous manner for the provisioning of users, by acting as first-level of support and safeguarding MTN BOOST Global Template (GT)
• Engage with relevant stakeholders constantly to quickly and accurately identify the root cause of issues or problems to minimise delays/slippages and create Frequently Asked Questions (FAQ) document to address recurring issues
• Escalate issues that may result in considerable time, scope, employee/client, or cost impact according to established governance structures
• Ensure smooth running of day-to-day operations and user support
• Triage incidents and requests, and escalate to the third-level support performed by support service provider
• Coordinate timeous resolution of incidents and requests raised with support service provider
• Identify opportunities for achieving operational efficiencies through continuous improvement activities
• Conduct research and trend analysis to support strategic initiatives

User manual updates:

Update, review and change control management of the following user manuals:

• Role management 
• Access Certification

Release management:

• Review new features (both Enabled and Disabled) which are required for MTN
• Resolve conflict arising from various impacts  
• Review the demand requests generated for releases with high impact
• Manage role definition documentation post release

Demand management:

• Validate demand requests raised by OpCos and/or Group Functions and assess their impact on other functional domains
• Prioritise and identify demands to be implemented in collaboration with  Portfolio Manager, Project Management Office (PMO)  
• Provide oversight across major demands and deployments, and resolve any conflicts raised by Global SME

Compliance management:

• Provide input as required for internal and external audits and review of risks and controls
• Provide inputs as required to support implementation of corrective actions based on audit findings and policy changes

Information Technology General Controls (ITGC’s):

• Providing assurance partners with evidence of ITGC’s execution

Contracting, recharge model, budget cycle, business, and financial cycle including Talent and Performance Management (TPM):

• Support the GRC team, to provide domain specific inputs to Financial Operations team 
• Provide inputs to the budget planning activities as required
• Focus on self-development by taking relevant trainings

Governance forums, integration, and oversight reporting:

• Provide data and inputs to various reports to be presented at MTN group governance forums, MTN BOOST Lead steercos, OpCos and partner governance forums
• Participate in governance forums for timely feedback (if and when requested)
• Foster strong relationship with respective OpCos and MTN group function (stakeholder accountable for the function) to drive the GRC objectives.

Qualifications

Education:

• Minimum of 3-year tertiary diploma in IT, Finance, or Risk Management or equivalent Oracle Risk Management certification (preferred)
• Fluent in English with the ability to communicate and describe complex technical solutions in easy-to-understand concepts

Experience:

• Minimum of 2 years’ experience in access certification and role management as an area of specialisation
• Experience in Telecom / Finance / Insurance industry (preferred) or an equivalent multi-national organisation with extensive geographic footprint (Preferred) 
• Experience working in diverse cultures and geographies (Advantageous) 
• Large ERP Experience (preferred)
• Cloud experience (preferred) – includes experience in small scale Software as a Service (SaaS) solution with hybrid or private data centre deployments

Competencies:

Functional Knowledge: 

• Functional process understanding (Proficient)
• Training (Proficient)
• Cross functional understanding (Intermediate)
• MTN policies and procedures understanding (Proficient)
• Continuous improvement (Intermediate)

Technical skills

• Application management (Proficient)
• Data analytics (Proficient)
• Testing management (Intermediate)
• Infrastructure and platforms management (Basic)
• Data management (Intermediate)

Leadership Qualities

• Strategic planning (Basic)
• Stakeholder management (Proficient)
• People development (Intermediate)
• Innovation (Intermediate)

Behavioural Qualities 

• Collaboration (Proficient)
• Critical thinking and problem solving (Proficient)
• Communication (Proficient)
• Accountability (Proficient)
• Adaptability (Intermediate)

Responsibility towards:

Key external stakeholders:  

• 3rd party vendors
• External audit team

Key internal stakeholders:   

• MTN OpCo SMEs/ Process Leads (PLs) (First-level of support)
• MTN OpCo user
• MTN governance councils (IT Design Council (ITDC)/ Change Control Board (CCB)/ any others)
• Global Process Sponsor (GPS) (Global function)
• MTN Group Information Security (GIS)
• MTN Group Risk and Compliance (GRC)
• MTN BOOST Project Management Office (PMO)
• MTN BOOST Global Process Owners (GPO)/ Global Process Lead (GPL)
• MTN BOOST SME (Second-level of support across other areas)
• Internal audit team