At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this. 

We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.

With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Why work for us:

Vodafone are revolutionising how customers use technology and connectivity, ensuring they are ready for today and the digital innovation of tomorrow. We are heavily embedded in providing world-class Solutions and we strive to keep ourselves ahead of the game, which will give you the opportunity to lead the way in Telecommunications and work with the latest technologies.

Who you are:

Adept as serving as a Security SME for new technologies and projects, you will develop, implement and maintain the local Security Reference Architecture. You will be responsible for Cyber Security signoff and the associated closeout / risk handling whilst driving and promoting an integrated approach to identify and reduce security risks. You will provide input into Vodafone’s Security Strategy, Cyber Security Baseline, and Risk Register.
 

Your team:

Reporting to the Security Delivery Manager

The next challenge for you:

• Build productive working relationships and collaborate with the wider technology team and the relevant business units to document and maintain the Security Architecture, and support the business units to understand, apply and enforce the security controls for new and existing solutions, products and services
• Represent Cyber Security during project sizing sessions and gate reviews; provide high level estimates of effort (time & cost); ensure estimates and security testing and acceptance criteria are agreed, documented and met
• Act as an internal security consultant to advise and influence business and technical partners, and provide Security assurance, guidance and support for projects
• Provide architectural guidance for secure software development, integration and testing
• Drive the implementation of some Cyber Security Baseline Controls across the local organization to ensure local market compliance against the Vodafone Group requirements
• Identify, prioritise, design, verify and report on the security controls required to bring the identified security risks within the accepted risk tolerance; work closely with project resources (architects, developers, testers, and Operations) at a technical level to assist with the effective mitigation of security risks
• Regularly review and maintain the Local Security Policies to ensure coherence with the Global Policies and understand the new requirements and the impacts on the local organization
• Participate in information security audits by providing technical details to the auditors
• Guide the local technology teams throughout the compliance process in relation to standards and recommendations (NIST, ISO27k, PCI-DSS, etc.)
• Ensure a consistent approach and manage security interdependencies across multiple projects and work streams
• Act as the escalation point for security incidents, assessments and testing
• Adopt and promote a culture of continuous improvement to minimise inefficiencies 

What you need:

• Bachelor/Master of Science degree in Computer Science, Engineering, Telecommunications or another related technical degree (Relevant certs are an advantage, e.g. TOGAF, ITIL, PMP, ISO27k LA/LI, (ISC)2 CISSP, ISACA CISM/CISA/CRISC, SANS GIAC).
• 3+ years IT Security Engineering/Architecture/Consultancy experience
• Excellent knowledge of IT Security technologies 
• In-depth knowledge of system development life cycle, security standards (ISO27k, OWASP, NIST, SANS etc.), system hardening, network security
• Solid knowledge of telecom systems, networks, protocols and processes (e.g. billing, mediation, provisioning, signalling, VoIP etc.) 
• Solid vendor management experience, proven experience managing complex integration issues across multiple vendors with very good analytical and reporting skills

What else should you demonstrate:

• Aptitude for assessing Security related issues and requirements from both a business and Information Security perspective with the ability to effectively address both technical and non-technical audiences
• Familiar with the laws, regulations, industry standards and guidance pertaining to Data Protection, Information Security and the Telecommunication industry.
• Excellent communicating skills with the ability to articulate complex technical issues in simple terms, and to provide accurate and user-friendly reports and documentation
• A team player with diplomacy and advocacy skills and the ability to quickly adapt to ongoing environment changes (infrastructure, organisation, priorities).