| Information Security Expert | |
| Asiacell Communications Iraq Ref: GP281-110 |
|
The RoleThe Role* The primary expert on technical aspects IT security in the Asiacell IT team, providing strategic guidance and tactical support to the Asiacell's BU's, Asiacell IT Department and Asiacell IT sections policies, processes, architectures, solutions, services, projects and systems. * Manage the deliverance of IT Security products, projects, and services. * To identify report and manage the Information Security IT group implementing, administering, and supporting the company's IT Information Security Policies, processes and systems to Country, regional levels, through leadership, close co-ordination with and auditing of other regional IT & IS services. BU Directors, Managers, and Team leaders. * Is Asiacells Information Security Expert on all aspects relating to Web services, Applications, Network and Database security. * To ensure Asiacell IT implements and maintains Security best practices to comply with standards including but not limited to BS7799, ISO 17799 and ISO 27001. * To maintain the Information Security Policy to: * Obtain and Document Executive Management concerns, on Information, for all Asiacell Information Resources including electronic and paper documents. * Provide Guidelines for classifying data and information according to its sensitivity, confidentiality, and integrity requirements, * Agree with all Business Units the responsibilities of the owners, users and custodians of Information and Data. * Specifying policies, processes, methods, and frequencies for monitoring and investigating information security breaches and unauthorized access attempts. * Implementing security programs to address Asiacells management concerns and areas of potential vulnerabilities * Specifying formal documented procedures for granting, and monitoring access privileges and administering terminated and transferred employees. * To regularly undertake a formal documented induction process for all Employees and to undertake on a regular basis Information Security awareness training sessions at least once every three months and as regular so that each employee will receive an awareness session once a year. * Oversees Security Incident response planning (Incident Management) as well as investigation of security breaches (Problem Management) and escalates legal matters associated with such breeches to the senior management as required. * Prepares Request for Information (RFI), Requests for Proposals (RFP) and RFQ (Requests for Quotation) for  all Information Security projects and acts as a consultant on Information Security for all other IT & Billing projects. * Review the formal Information Security acceptance certificate so that on induction each employee has signed of and agreed that they are familiar and aware of the Information Security policy and its contents. * To manage Information Security on all Asiacell IT Products and Services especially focusing on Web, Application, Database and the Network services. * Lead the evaluation, implementation and rollout of IT Security platform and tools in Asiacell and to liaise with QI on this aspect. * Lead the capture of the As Is IS, Application, Database, Network and Web infrastructure from Asiacell IT sections and to make sure that all the interfaces and processes are recorded and monitored. * To setup and Train, mentor and develop IT security skills across all of Asiacells IT sections. * To setup and train, mentor and develop expertise on IT Security tools and systems across all of Asiacell IT sections. * Participate and maintain in developing the To Be Group data network and intranet projects. * Build relationships with IT and Information Security across the Asiacell, to promote security best practice. * Responsible for maintaining the IT and IS models in a current state. * Responsible for maximizing the use of IT Security tools to maximise business benefits. * Participate in QI group wide synergy and harmonization initiatives for IS &  IT security. * Establishment of Asiacell and QI KPI's for IS & IT security. * Process owner on group level for IT security processes and IT Security infrastructure. * Ensure the Information Security technology is fit for purpose, and that working practices are evolved to make the best use of it. * Work with QI to build a centralized Information Technology and Information Security service reporting platform. * To be the SPoC, (Single Point of Contact) with Marketing, Technical, PMO, Finance, Risk on all IS aspects. * To manage and co-ordinate daily activities on all IS aspects of the regions and the direct reports for IS Experts for Web, Applications, Network and Databases. * To be responsible for the IS reporting and monitoring on IS aspects, including threats and weakness, of all of the IT Products and services, to the IT and Billing Director, and dotted line reporting, on exceptional basis, of (but limited to): * Web Site services including Asiacells Website * WAN & LAN services * Servers & Operating Systems services * (Internet, Mail & Intranet services * Office Computers, Applications & Peripherals * Integration with Telecom GSM & GPRS Networks * Connectivity with Point of Sales Network * Connectivity with Data Service Content Providers * Office VoIP * Call Centre infrastructure including CRM, IVR, ACD & IPCC and Call Manager * Internal and external security via systems and procedures such as CCTV, Firewalls, DMZs, antivirus, anti-spam & anti-intrusion * PCs & peripherals for internal office users, company sales outlets and dealers * On, an as required basis basis provides IS advice and consultancy to all Asiacells BU's on any of Asiacells current or future products and services. * Secure delivery of IT Information Security KPIs & Service Levels at regional level. Ensure purchasing of the right software and hardware as per the business requirements and Information Security requirements by reviewing quotations, specifications and raising Purchase Requisitions for the same. * Review changes to IT systems; services, products, architecture, licenses and applications as it effects Information Security Policies, Procedures, Process and Architecture. * In co-ordination with other IT Sections & BU as needed, plan, co-ordinate and implement Information Security updates. * Keep up to date with the latest developments on all aspects of Information Security Products, Services with relevance to Asiacell particularly from major suppliers such as Ericsson, Huawei, Oracle, Microsoft, HP, EMC ete. Act as a key IT coordinator with corporate Project Management Office (PMO). |
RequirementsRequirementsMSc or Bachelor Degree or Higher National diploma in a science or computer related discipline. At least MCSE and CCIE. Preferably CCISP (Certified Information Systems Security Professional) or ISC (International Information Systems Security Certification Consortium or similar standard. Currency to 3 years or less. * Good interpersonal, socialising, communication, negotiation, management, conflict resolution, organisational & leadership skills. Analytical, innovative and creative thinker |
About the CompanyAbout the CompanyAsiacell, the first mobile telecommunications company in Iraq, was established in the city of Suleimaniah in 1999, Thus, with the company’s entry into an already quite advanced and competitive global market, it was ushering in a new era of telecommunications throughout the nation, while laying the groundwork for others to follow, In summary, it was the pioneer of mobile telecommunications in Iraq. Asiacell was launched at a particularly difficult time in the country’s history, since Iraq’s economy was in shambles due to years of economic sanctions imposed upon it, Yet despite this uphill battle, Asiacell pushed forward with its first commercial operations in 2000, and against all odds, was able to persevere. In October 2003, Asiacell was granted a two-year GSM license for the seven northern provinces of Iraq, catering in the process to a wider client base who collectively shared a need for a quality mobile network, The license was extended in 2005 to cover the entirety of the Iraqi Republic, Consequently, today it is the only telecom network to provide coverage nationwide. In August 2007, Asiacell bid and won a 15-year national license, becoming the GSM telecom operator with the largest long-term network coverage in the country, The company's breakthrough successes have naturally led to its expansion and growth over a network that is touted as one of the most groundbreaking accomplishments in the history of Iraq. |
This Position is closed or expired
|
|
|