To support and implement security controls to protect Vodafone customers, systems, assets and organizational data against technical threats and, where appropriate, provide operational expertise in the use of cyber security tools and processes.
Main responsibilities :
Ensure all the security controls aiming to prevent cyber threats that are defined in the Cyber Security Framework are implemented;
Oversee and support the deployment of cyber platforms to implement security controls and improve the defense of Vodafone infrastructure and applications (e.
g. SIEM, WAF, IPS, EDR, CyberArk);
Ensure all cyber controls are effective and configured as per Vodafone standards supporting the Security by Design process for new projects in the IT and Network Space;
Provide risk evaluation for any security vulnerably and recommendation for risk reduction;
Ensure security processes are in place and well known by all relevant stakeholders to guarantee security controls effectiveness;
Evaluate new technologies and processes that enhance security capabilities;
Collaborate with Group Cyber Prevent Team to guarantee technology consolidation;
Ensure deployment and effectiveness of cyber prevent security controls;
Follow Security by Design for IT and Network projects providing guidance and suggesting solutions;
Identify security threats that need to be addressed and define approach to reduce risks.
Core competencies, knowledge and experience :
Strong technical background in IT, Network and Cloud architecture;
Knowledge of deploying cyber platforms such as SIEM, WAF, IPS and Malware Defences;
Keen interest in Cyber Security with a good understanding of current security threats and trends;
Working knowledge of various security technologies such as : E-mail & Web filtering; appliances; Anti-malware protection;
Vulnerability Scanners; Host intrusion prevention; Network and application firewalls; Encryption techniques;
Knowledge and understanding of information risk concepts and principles;
Technical knowledge of business and cyber security risk;
A proven track record of being able to handle complex projects;
5-10 years of relevant experience in a similar role in a telecoms, banking, insurance, digital services sector;
Certifications in Cyber Security or Information Security Systems would be beneficial.