Lead Secure by Design Manager VB UC (236734)

Role Purpose:

A Lead Secure by Design Manager in the Global Cyber Strategy & Secure by Design team

Acts as the interface between the technical disciplines and the business to carry out technically orientated security assessments, setting security requirements for new products and services, and also assessing compliance and risk.
The Lead Secure by Design Manager also has an important advisory role across the business and is required to provide security design and architecture guidance as well as general security consultancy, acts as cyber coach to agile projects and Programme teams to ensure that future infrastructures and products for Vodafone globally are secure.

This role specifically is covering Secure by Design for Vodafone Business Unified Communications program.

• Impact on the business – This role will provide that all global products, services, and infrastructure for Enterprise customers, consumers, or being used internally by Vodafone are secure by design and will meet an appropriate technology security level, and demonstrate that all potential risks are being mitigated to an acceptable level to in order to assure the confidentiality, integrity and availability of systems and data.
• Customers, supplier and third parties – provide advice and guidance to internal and external customers on security related matters.  Define, communicate and ensure that suppliers and third parties understand and comply with Vodafone’s security standards.
• Leadership and teamwork – Leadership and teamwork are essential this role, the Secure by Design manager needs to work closely with the business and technology architecture teams, design and operations teams, and with the other security teams e.g. Risk & Compliance, Ethical Hacking, Security Operations, and Corporate Security. The role holder will also be required to manage external resource and coach Security Champions in the agile teams.
• Innovation and change – This person will help change the perception that security is an inhibiter, and work to demonstrate that security can be a business differentiator by enabling the business with secure by design for its products and services. 
• In order to achieve this, proactivity and attitude to identify best practices that can be spread to other APIs are key success factors

Core competencies, knowledge and experien ce:

• The individual should have  profound professional experience in information technology, Cyber security as well as experience with security in agile ways of working, DevSecOps. Good knowledge/experience with securing of cloud environments,  web services, security for Unified Communication Services, CI/CD pipelines, container security, connectivity, user access management, networks  and penetration testing experience beneficial.
• University degree in Information Security or equivalent 
• One or more of the following: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
• 3-5 Years  work experience in the field of cyber security
• UK gov / public sector Security clearance or able to obtain

• Discretionary yearly bonus: 10%
• Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
• Charity days: 5 days/year
• Maternity/adoption leave: 52 weeks out of which the first 13 weeks are fully paid followed by 26 weeks of half pay and 6 months - working 4 days, getting paid 5
• Paternity leave: 16 weeks fully paid
• Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
• Access to: private medical, private dental, free health assessments, share save scheme
• Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

#groupresourcing  #grouptalentacquisition