Lead Secure by Design Manager VB UC (236734)
Job Details
Full Job Description
Role Purpose:
A Lead Secure by Design Manager in the Global Cyber Strategy & Secure by Design team
Acts as the interface between the technical disciplines and the
business to carry out technically orientated security assessments,
setting security requirements for new products and services, and also
assessing compliance and risk.
The Lead Secure by Design Manager
also has an important advisory role across the business and is
required to provide security design and architecture guidance as well
as general security consultancy, acts as cyber coach to agile projects
and Programme teams to ensure that future infrastructures and products
for Vodafone globally are secure.
This role specifically is covering Secure by Design for Vodafone Business Unified Communications program.
- Impact on the business – This role will provide that all global products, services, and infrastructure for Enterprise customers, consumers, or being used internally by Vodafone are secure by design and will meet an appropriate technology security level, and demonstrate that all potential risks are being mitigated to an acceptable level to in order to assure the confidentiality, integrity and availability of systems and data.
- Customers, supplier and third parties – provide advice and guidance to internal and external customers on security related matters. Define, communicate and ensure that suppliers and third parties understand and comply with Vodafone’s security standards.
- Leadership and teamwork – Leadership and teamwork are essential this role, the Secure by Design manager needs to work closely with the business and technology architecture teams, design and operations teams, and with the other security teams e.g. Risk & Compliance, Ethical Hacking, Security Operations, and Corporate Security. The role holder will also be required to manage external resource and coach Security Champions in the agile teams.
- Innovation and change – This person will help change the perception that security is an inhibiter, and work to demonstrate that security can be a business differentiator by enabling the business with secure by design for its products and services.
- In order to achieve this, proactivity and attitude to identify best practices that can be spread to other APIs are key success factors
Core competencies, knowledge and experien ce:
- The individual should have profound professional experience in information technology, Cyber security as well as experience with security in agile ways of working, DevSecOps. Good knowledge/experience with securing of cloud environments, web services, security for Unified Communication Services, CI/CD pipelines, container security, connectivity, user access management, networks and penetration testing experience beneficial.
- University degree in Information Security or equivalent
- One or more of the following: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
- 3-5 Years work experience in the field of cyber security
- UK gov / public sector Security clearance or able to obtain
- Discretionary yearly bonus: 10%
- Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
- Charity days: 5 days/year
- Maternity/adoption leave: 52 weeks out of which the first 13 weeks are fully paid followed by 26 weeks of half pay and 6 months - working 4 days, getting paid 5
- Paternity leave: 16 weeks fully paid
- Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
- Access to: private medical, private dental, free health assessments, share save scheme
- Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
#groupresourcing #grouptalentacquisition