Job description
Description
Overview:
The IT Security Compliance lead is focused on providing security assurance support to the whole vBIT business in line with the Vodafone CyberSecurity Team strategy and CyberSecurity compliance controls. You are pivotal in being able to implement best security pratices across ALL our vBIT solutions, monitor Security risks and, through audit and assure compliance evidence is available.
You will need to work closely with internal teams (Architecture, DevOps, Cyber Teams, among others) and support them on security subjects.
You will work across multiple projects and work alongside internal/Externals stakeholders, including those from the technical and architectural security teams, that form a global multi-disciplinary team.
You will support Cyber Security Compliance Team in their role to develop the strategic management of security compliance and risk across the business.
With us you will:
Developing and maintaining close working relationships with the Cyber team in reinforcing and assuring their implementation of Cyber Security Controls- Leading, managing, and running Security assurance audits internally
- Act as a subject matter expert for Cybersecurity compliance GRC, provide advice, and guidance to internal teams on best practice
- Working alongside the compliance and Privacy teams to ensure that vBIT remains compliant with many differing data protection compliance legislations
Job Responsibility
Key accountabilities and decision ownership:
Lead vBIT to reach Cyber Security 4.0 score- Developing compliance reports, metrics, and dashboards
- Coach and mentor DevOps Teams on Security
- Assist Devops during the design and implementation of their solutions
- Contribute to the continuous improvement of the security, Privacy, from technical improvements to procedural efficiencies
Core competencies, knowledge and experience:
Strong and demonstrable knowledge of Cyber Security technologies- Some experience and knowledge in designing or deploying Cyber Security process across either private, hybrid, or public cloud environments
- Analytical thinking
- Stakeholder management.
- Able to talk competently on Cybersecurity GRC and data protection issues
- Excellent communication skills including strong verbal and written skills & the ability to interact with Senior Management teams
Must have technical / professional qualifications:
Experience in working with ITIL and Agile working practices Agile- Demonstrable process management, process, work instruction & policy management
- IT Technical background
- Good knowledge of GDPR is essential
- Certified Information Security Professional – CISSP is a nice to have
Communication:
Succinct, meaningful communication that commands respect and confidence that allow rapid and informed decision making at all levels- Professional presentation skills
Not a perfect fit?
Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about Inclusion for All and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to apply as you may be the right candidate for this role or another role, and our recruitment team can help you see how your skills fit in.