Job Description

MTNs purpose is to enable the benefits of a modern connected life to everyone. The MTN Group Strategy is anchored in building the largest and most valuable platform business with a clear focus on Africa. This rests on a scale connectivity and infrastructure business – mobile and fixed access networks in the consumer, enterprise and wholesale segments.

Within the changing audit, regulatory and governance environment the role must ensure successful delivery in the context of:

• Diversifying telco-to-techno landscape.

• Constant dynamics and local challenges in the economic, regulatory and legal environments and evolving industry ecosystems and audit landscapes.

• Sophisticated fraud schemes, systems and omnipresent cybersecurity threats and attacks

• Evolution of Audit approaches to include multiple lines of defence

• Fostering close collaboration with external and internal role players across multiple spheres of stakeholders who may, at times, have competing interests.

• Maintaining high standards of governance, business integrity, ethics and professionalism that MTN operates within.

• Driving growth through business intelligence and standardization to maximize business impact.

• Multi geographic landscape and cultural context.

• Management of demanding investor, customer, supplier and internal stakeholder expectations.

• Enhancing MTN reputational position as a leading secure, reliable and safe network and system provider at OpCo level.

• Assisting the MTN Board and EXCO in protecting the assets, reputation and sustainability of the organisation for MTN to accomplish its objectives.

Organisational Mission: MTN’s vision is to lead digital transformation in Africa, ensuring widespread access to reliable, high-quality broadband services that drive social and economic development.

Organization Values: At MTN we believe that understanding our people’s needs and aspirations is key to creating experiences that delight you at work, every day. We are committed to fostering an environment where every member of our Y’ello Family is heard, understood, and empowered to live an inspired life. Our values keep us grounded and moving in the right direction. Most importantly, they keep us honest. It is not something we claim to be. It is in our DNA.

As an organisation, we consider it our mission to create an exciting and rewarding place to work, where our people can be themselves, thrive in positivity and ignite their full potential. A workplace that boosts creativity and innovation, improves productivity, and ultimately drives meaningful results. A workplace that is built on relationships and achieving a purpose that is bigger than us. This is what we want you to experience with us!

Our commitments go beyond an organisational promise. It is in our leadership and managerial ethos to meaningfully partner with our employees, customers, and stakeholders with a vision to realise our shared goals.

Our values dubbed, LIVE Y’ello, are the cornerstone of our culture.

Lead with Care

Can-do with Integrity

Collaborate with Agility

Serve with Respect

Act with Inclusion

The Manager: Technology Audit role is responsible to achieve the following objectives:

Audit Management and Planning

• Assist the Senior Manager in the execution of technology systems and processes audit plans, to identify risks and vulnerabilities in control areas and to ensure that processes and systems comply with company policies, and statutory and regulatory policies.

• Develop and maintain a holistic view of each Technology Audit engagement to provide appropriate business and technical context for audit findings.

• Plan, implement, and oversee audit procedures required to effectively deliver Technology, Security, and Network audits in line with approved audit plans and management requests.

• Prepare database updates, provide status reports and produce final audit reports on assignments carried out, in line with internal audit standards and methodologies.

• Ensure audit assignments are executed within agreed timelines, proactively managing progress and escalating significant risks, delays, or resource constraints to the Senior Manager for awareness and intervention where required.

• Track and follow up on audit findings and update respective trackers and stakeholders regularly. Track and keep record of correspondence, filing of documentation in central Network drive.

• Ensure audit outcomes are clearly linked to the defined audit scope, risks, and objectives.

• Support the Senior Manager in coordinating with External Auditors, facilitating their technology‑related audit fieldwork and information requests as required.

Audit Governance and Risk Control

• Ensure strict adherence to Group Internal Audit methodology, standards, and procedures throughout the audit lifecycle.

• identify and clearly define issues, develop robust audit criteria, analyse and evaluate evidence, and ensure accurate documentation of Technology, Security, and Network processes and controls.

• Provide analysis on technology systems and processes internal audit data, identifying vulnerabilities in IT systems and internal policies, trends on IT systems failures, inconsistencies, weaknesses in the control areas. Report these findings to management with recommendations on possible mitigations and enhancements.

• Ensure all Technology, Security, and Network audits are executed, documented, and reported on the eGRC system in accordance with mandated processes and Group Internal Audit methodology.

• Implement approved audit programs to identify control weaknesses, assess their significance and materiality, and evaluate control adequacy and effectiveness across Technology‑enabled business processes.

• Monitor and follow up on the timely implementation of agreed audit recommendations, escalating overdue or high‑risk actions where necessary.

• Review audit programs to confirm that appropriate and sufficient testing mechanisms are in place to support audit objectives and conclusions.

• Keep up to date with new technology solutions to mitigate/change IT systems security vulnerabilities and provides reporting on these solutions.

• Maintain MTN’s ethical standards and ensure audit activities are conducted in full compliance with the International Standards for the Professional Practice of Internal Auditing (IIA Standards) and the IIA Code of Ethics.

Stakeholder and Team Engagement

• Maintain relationships with management of assigned functional/business units to provide a value-added service.

• Engage effectively with internal stakeholders, including operational teams, Audit Managers, General Managers, BRM consultants, and Executive Management, to obtain information and communicate outcomes that support audit objectives.

• Provide guidance, coaching, and technical input to ensure findings, conclusions, and recommendations are robust, well‑supported, and clearly articulated.

• Direct, review, and challenge the work performed by audit staff, including interviews, documentation reviews, audit surveys, working papers, and audit summaries.

• Provide guidance, coaching, and technical input to ensure findings, conclusions, and recommendations are robust, well‑supported, and clearly articulated.

Reporting

• Lead management oversight on OpCo reporting, OpCo coordination, OpCo support and OpCo Technology Audit operations.

• Prepare and review clear, concise, and impactful audit reports that document observations, root causes, risks, and practical recommendations engaging various stakeholders in Opcos to ensure a comprehensive report.

• Communicate audit results, findings, and recommendations timeously through formal reports and face‑to‑face presentations to the Senior Manager and relevant stakeholders.

• Contribute to and report on ad‑hoc audits, investigations, and special projects as required, providing management with clear insights into emerging technology risks and control effectiveness.

Key Deliverables

• Robust Audit Reports and Actionable Recommendations

• High‑Quality Technology Audit Engagements

• Effective Audit Planning and Resource Utilisation

• Audit Issue Tracking and Remediation Follow‑Up

• Stakeholder Engagement and Audit Quality Assurance

Role Dependencies

• Understanding of the Audit plan

• Active support from the Senior Manager

• Understanding of the respective technology and business contexts and the risks associated

• Intra-functional collaborations with Group Risk and Compliance

Education:

• Minimum 3-year Diploma Engineering, Information Systems and Computer Systems/Science

• Preferred, 4-year Bachelor of Engineering/ Information Systems and Computer Science/ Bachelor of Science

• Preferred, CISA / CISSP

Experience:

• Minimum 5 years’ experience in area of specialisation coupled with supervising / managing others

• Experience in presenting audit reports to senior stakeholders

• Data gathering, research and analytical abilities to develop insightful conclusions

• Experience in supervising and coordinating output

• Experience working in a medium organisation

• Experience in working under pressure and delivering under tight deadlines

Key Technical knowledge:

• Active Directory

• Firewall and routers

• Network Security

• API security

• Cloud security

• Endpoint security

• Knowledge on various OS’s (windows, Linux, Android, iOS, DA’s etc)

• Experience using various security tools