Main Job Functions:

• Design and implement security architecture for core IP/MPLS/SRv6/PS/CS/RAN networks inclusive of all the elements the concerned network domains.
• Perform continuous risk assessment, vulnerability management, and threat analysis across core network platforms.
• Collaborate with MTN Group information security and the local security teams to develop and design strategic security initiatives translating into projects as per the MTN group security roadmap in the IP & core network security domain.
• Configure and manage firewalls, IPS/IDS systems, DDoS mitigation tools, and IP filtering mechanisms to protect network services.
• Collaborate with the RAN, core network, transmission, and service delivery teams to integrate security controls in all designs for the projects implementations without impacting network performance.
• Develop & set up a mini-SOC team and train them to easily monitor, respond and investigate network security incidents, ensuring timely resolution and root cause analysis.
• Monitor and manage BGP security, including prefix filtering, route validation (RPKI), and anti-hijacking measures.
• Review and validate network design changes (RAN, 4G/5G core, IP/MPLS backbone, VoLTE, SIP/IMS etc.) for compliance with security standards (3GPP, GSMA FS.11/FS.19, ISO 27001, NIST)
• Lead compliance efforts related to security policies, regulatory standards, and industry frameworks.
• Develop and maintain security playbooks, documentation, standard operating procedures (SOPs), and incident response plans.
• Conduct regular security audits, penetration tests, and configuration reviews.
• Provide technical support for secure onboarding of new services, network expansions, and software upgrades.
• Stay current on emerging threats, tools, and technologies in IP network and telecom security
• Lead all the security initiative deployments for all domains of the MTN network
• Supervisory role to guide all network teams to safe and secure rollouts which guarantee privacy of customer data during their projects.

Education

• BSc Degree in Telecommunications, Computer Science, Information Security, or a related field

Work Experience 

• Minimum 3–5 years of experience in network engineering and/or network security, with a strong focus
• on IP-based environments.
• At least 1 – 2 years people management experience.
• Industry certifications such as CCNP/CCIE Security, JNCIS/JNCIP Security, or CISSP will be an added advantage.
• Proven experience with telecommunication networks working with firewalls (Palo Alto, Fortinet, Cisco ASA), BSCs, RNCs, 5GC, HLR, MSC and popular network security appliances.
• Experience with DDoS mitigation platforms (e.g., Arbor, Radware), SIEM tools, and threat intelligence systems.
• Solid understanding of IPsec, SSL VPN, GRE tunnels, RPKI, DNSSEC, and secure routing principles.

Skills / physical competencies:

• Mobile Network Architecture & Protocols (Comprehensive understanding of GSM/UMTS/LTE/5G network architectures CS, PS, EPC, SVC, & 5GC)
• Mobile signaling protocols such as SS7/SIGTRAN, Diameter, GTP & SIP/IMS
• Security Protocols & Standards (Authentication and key agreement protocols (AKA, EAP-AKA), MAP & protection mechanisms, IPSEC/Networks security applications)
• Radio Access Network Security (Air interface & Handover security procedures, Radio resource management security)
•  IP/Core Network Security (Network domain security (NDS/IP), Interconnection security (IPX/GRX), Bearer path security etc.)
• Security Operations & Tools such as SIEM systems, IDS/IPS, DPI tools, Penetration and scan tools
• Regulatory & Compliance Lawful Intercept/Location Based System solutions, 3GPP & GSMA guidelines