IHS Towers is one of the largest independent owners, operators, and developers of shared telecommunications infrastructure in the world by tower count and is the only towerco solely focused on the emerging markets. The Company has more than 40,000 towers across its 11 markets, including Brazil, Cameroon, Colombia, Côte d’Ivoire, Egypt, Kuwait, Nigeria, Peru, Rwanda, South Africa, and Zambia. For more information, please visit: www.ihstowers.com

• Safeguard the organization by predicting, detecting, preventing, and mitigating information security threats to Applications and Network elements.
• Support cybersecurity initiatives in conjunction with Group Cybersecurity team.
• Design and implement security controls to safeguard and monitor events for information systems, enterprise applications and data.
• Support the implementation of Information Security projects,
• Responsible for vulnerability assessment of web applications covering
  • Unvalidated Input
  • secure Configuration Management
  • Broken Access Control
  • Broken Authentication and Session Management
  • Cross Site Scripting
  • Buffer Overflow
  • Injection Flaws:
  • SQL Injection testing
  • Command injection testing
  • Improper Error Handling
  • Insecure Storage
  • Application Denial of Service
• Responsible for carrying out source code reviews for applications to be deployed within the business
• Responsible for network and router vulnerability assessments
• Identification and blocking of command and control threats
• Identify and respond to security threats on the platform.
• Responsible for carrying out regular security assessments on applications, networks, and databases
• Carrying out application security architecture reviews on all solutions before deployment, to identify control lapses, and provide recommendations to address missing controls.
• Review of visible application source code, including decompiling plugin code for Java Applets, etc.
• Regularly review baselines for Windows operating systems, Azure, VMWare, etc.
• Continuous monitoring of external points of presence.
• Serving as the first responder to security events and incidents.
• Carry out incident responsiveness assessments to identify how well IHS can readily respond to security incidents.
• Document and catalog all existing security vulnerabilities.

• A minimum of 4 years relevant experience in Information Security, vulnerability management, web application security.
• Strong background in application security, including devices such as firewalls, VPN, intrusion/extrusion detection, vulnerability & risk assessment tools, encryption technologies, virus/worm/malware prevention, E-business and web application technologies, Data Loss Prevention, whole disk & device encryption solutions, two-factor authentication, common Windows (desktop & server) platforms,
• Knowledge of source code security including SAST & DAST practices and scanning solutions such as Veracode, SonarQube.
• Working knowledge of web application vulnerability scanners such as Acunetix, Webscarab, Netsparker, BurpSuite, IronWASP.
• Knowledge of network scanning tools such as Nessus, Nexpose.
• Knowledge of security best practices such as defense in-depth, least privileges, need-to-know, separation of duties, access controls, encryption, SSO.
• Experience with various languages and frameworks including, JAVA, Python, C, C#, and network monitoring tools.
• Experience with DevSecOps, CI/CD pipelines and API security.

Professional certification: CEH, e-JPT, Security+, EC-Council Certified Security Analyst (ESCA), CISSP, CISM

Organizational Competencies

Customer Focus - People demonstrating this competency understand & exceed our customers’ needs. They develop trusted, reliable & collaborative relationships. They are consistently operating to the highest standards of service & delivery.

Innovation - People demonstrating this competency constantly seek new & improved ways to deliver our products & services. They champion engineering & skills development, and work to create a collaborative and supportive operating environment.

Integrity - People demonstrating this competency are open & honest in everything they do. They support financially & environmentally sustainable growth. They make socially responsible decisions and treat their stakeholders with respect.

Be Bold - People demonstrating this competency are thorough in analyses & decision-making. They are courageous in expanding existing markets & developing new ones. They confidently pursue appropriate financial returns and are forward-thinking and ambitious.

Sustainability- People demonstrating this competency are constantly seeking to create positive impact in the communities we serve.

Our Vision

IHS is committed to improving the quality and availability of telecommunications infrastructure, the lifeline for an increasingly connected world. We are dedicated to helping create a sustainable future for the communities in which we operate, and our sustainable strategy is structured around four pillars: ethics and governance, environment and climate change, education and economic growth, and our people and communities.