About MTN
Mobile Money Rwanda Limited is focused on attracting, recruiting, developing, and retaining professionals that contribute meaningfully to our mission of making our customers’ lives a whole lot BRIGHTER.
We are an equal employer with a strong culture that looks forward to and encourages creative thinking and innovation while remaining at the forefront of the latest technology and trends.
Mobile Money Rwanda Limited is therefore Internally and Externally recruiting a highly competent and self-motivated individual for the position below.
Mission/Core purpose of the Job
Responsible for securing the organisation's payments, digital lending, and Mobile Money platforms against cybersecurity threats, fraud, and regulatory risk. This role ensures the confidentiality, integrity, and availability of Mobile Money financial systems, transaction processing, customer data, and APIs, while supporting rapid product innovation and full regulatory compliance across all MTN Rwanda fintech and digital channels.
Key Performance Areas
- Security Strategy & Governance: Define and implement a comprehensive cybersecurity strategy tailored to real-time payments, digital lending, and mobile money ecosystems; establish security policies, standards, and controls aligned with high-availability transaction processing and API-based integrations; embed security in product development lifecycles (DevSecOps).
- Maintain and review the organisation's information security management system (ISMS). Mobile Money & Digital Channels Security: Secure payment processing systems including card payments, switches, gateways, and wallet-to-wallet/wallet-to-bank transfers; ensure PCI-DSS compliance and payment network security requirements; oversee transaction monitoring, fraud detection controls, and chargeback risk reduction; protect against skimming, account compromise, replay attacks, and API abuse; secure USSD, mobile apps, web portals, and agent platforms; protect SIM-based and app-based authentication mechanisms; mitigate SIM swap fraud, social engineering, account takeover, and agent fraud/liquidity abuse.
- Digital Lending Security: Secure customer onboarding, KYC, credit scoring, and loan management platforms; protect sensitive financial and behavioural data used in credit decisioning; ensure integrity of scoring models, decision engines, and repayment workflows; mitigate data manipulation, insider abuse, and identity fraud.
- Risk Management & Threat Modelling: Perform threat modelling across Payments APIs, Lending platforms, and the Mobile Money ecosystem; maintain cybersecurity and fraud risk registers; partner with fraud, risk, and compliance teams on joint risk mitigation strategies; conduct regular vulnerability assessments and penetration testing; provide risk reports to senior management and the Board.
- Security Operations & Incident Response: Oversee SOC operations (SIEM, monitoring, threat intelligence); lead cyber threat detection, monitoring, and response; manage digital forensics, root cause analysis, and remediation; ensure secure configuration and hardening of systems and networks; coordinate incident communications with regulators, partners, and internal leadership. Application & Platform Security: Ensure secure development practices (DevSecOps) across all engineering teams; conduct code security reviews, application vulnerability assessments, and API security testing; protect mobile channels: apps, USSD, SMS gateways, and API integrations.
- Fraud Prevention & Financial Crime Security: Collaborate with Fraud and Risk teams to implement security controls for transaction protection; support Fraud detection systems, AML/CFT monitoring platforms, and Identity verification/KYC security controls.
- Regulatory Compliance & Audit: Ensure compliance with ISO 27001, Rwanda Data Protection and Privacy Law, Central Bank and financial regulator security requirements, and PCI-DSS; lead internal and external security audits and certification efforts; support regulatory reporting and evidence collection.
- Third-Party & Ecosystem Security: Secure integration with banks, payment partners, fintech partners, aggregators, telecom, platform providers, and cloud environments; embed security requirements in contracts and SLAs; perform third-party risk assessments and security due diligence; ensure secure API exposure and partner access control.
- Security Awareness & Culture: Drive organisation-wide security awareness programmes; conduct phishing simulations, training, and awareness campaigns; foster a security-first culture across business and technology teams. Prepares and submits monthly security posture reports to senior leadership.
Experience
- 7+ years in information security and cybersecurity.
- 3+ years in a leadership or management role.
- Strong experience in at least one of: Payments, Digital Lending, or Mobile Money / Mobile Financial Services.
- Proven experience managing incidents in high-transaction, customer-critical platforms.
Education Background
- Bachelor’s degree in information security, Computer Science, Information Technology, or related field. A master's degree is an advantage. Fluent in English
How To Apply
All interested candidates are requested to apply through the MTN website and submit their updated curriculum vitae with copies of notified academic credentials no later than 16th June 2026 MTN Website portal: https://www.mtn.co.rw/careers/
We strongly encourage applications from women and/or individuals with disabilities.
Note: Should you not hear from us within 14 (fourteen) days from the closing date of this advertisement, you may consider your application unsuccessful. If you encounter any issues when completing the application, reach out to Alozius.Mutamba@mtn.com (+250788319965)
At MTN Rwandacell Plc, we are committed to safeguarding your data privacy. For more information, visit our website to read our job applicants' privacy notice that explains how we collect, use, disclose, and protect your personal data at https://www.mtn.co.rw/privacy-notice-for-job-applicants/
