VodafoneThree - Cyber Security Architect - Secure by Design SME IT/ Digital
Role details
Job location
Tech stack
Job description
In this role you will provide Security Architectural support to projects that have engaged with Secure by Design, providing guidance to projects and BAU activities across the following UK business functions:
The purpose of the role is to:
- Ensure Security is embedded in IT and Digital Systems including planning, designing, and building phase
- Define technical security controls for efficient implementation
- Ensure compliance with Legal and Regulatory requirements
- Fulfil Key Customers obligations and Stakeholders expectation
- Ensure security architecture activity is timely delivered to support other technology and business functions
- Contribute to, define and assess complex design proposal
As a Security Architect in Secure by Design you will be required to develop and document end-to-end architecture that will protect the IT and Digital Systems from the significant and persistent cyber security threat to which VodafoneThree is exposed to.
You need to ensure system architecture is developed adequately to protect the availability, confidentiality and integrity of IT Systems.
The security architect is required to develop this architecture in conjunction with Group and European region technical architects and influence them to support the UK position. This architecture and ability to influence senior technical stakeholders across the group will underpin attaining and retaining of business-critical certificates and legislative obligations.
You will engage with the business functions to understand their future roadmaps and will ensure that appropriate Cyber Security engagement takes place to support these roadmaps. You will also be responsible for providing technical leadership and task direction to other Secure by Design managers, Specialists as well as Cyber Security Champions across Technology and other business functions.
You will work with project teams to produce solutions that comply with internal security policies, standards and the security architecture. The role requires a recent hands-on background with a wide range of security and IT & Digital technologies.
The projects and "business as usual" change you will be working on will encompass the full range of IT & Digital technologies encompassing:
- Online & Digital including Mobile Applications
- Customer Management & Billing Systems
- Business Intelligence and Big Data
- Business Support Systems
- Cloud Infrastructure & SaaS
- Automation Solutions
- End user computing / BYOD.
Key functions of this role are to:
- Senior member of the Secure by Design IT & Digital Team.
- Embed effective security practices into IT & Digital processes (Agile, DevSecOps, CI/CD etc).
- Provide Cyber Security guidance, design input and design review/assessment.
- Review and approve end to end connectivity across Vodafone networks.
- Specify security testing and ensure that identified vulnerabilities are remediated.
- Identify Cyber Security risks and ensure that these are managed effectively.
- Lead relevant Regulatory and Compliance initiatives for Secure by Design.
- To review telecoms project designs and architectures against the company's cyber security policies and to communicate this to project teams.
- To assess project designs against requirements, including the UK Telecommunications Security Act (TSA)
- Guiding and embed effective security controls into Network architectures
- Provide Cyber Security guidance, design input and design review/assessment of complex changes
- Specify and scope security penetration testing of complex designs, and ensure that identified vulnerabilities are remediated
- To assist members of the Secure by Design Networks team with understanding of designs
- To provide leadership, updates and guidance for cyber control implementation and their ongoing assessment and improvement, We are regulated by the Financial Conduct Authority and all offers of employment for this role are subject to background checks, including criminal (DBS) and financial checks to meet the regulators standards.
If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, a sign language interpreter, or assistive technology, please refer to the Accessibility section of our Careers website (https://careers.vodafone.com/uk/applying-to-us/) for guidance.
We use AI in different parts of our business to boost innovation, improve efficiency, and create new opportunities. We know many candidates use AI to fine-tune their CVs or prepare for interviews, but what we really care about is your unique experiences and achievements.
During the interview, we want you to rely on your own knowledge and skills to show us who you really are-your personality, creativity, and abilities. Above all, we're looking for authenticity and can't wait to get to know the real you.
Requirements
Do you have experience in Windows?, * Educated to degree level and/or relevant technical experience (preferably 7+ years) with a proven track record of delivering complex cross-domain IT/IS solutions architectures/designs in the telecommunications industry
- Minimum of 5+ years of experience in Security role
- Knowledge of common information technology management / compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.
- Knowledge of legal, regulatory and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard
- An ability to think strategically and drive change
- A deep understanding of Security risks and mitigating solutions
- A diverse security background with knowledge in several areas including DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
- Knowledge in Windows, UNIX and Linux operating systems
- Practices and methods of enterprise architecture and security architecture
- IT security architecture development and definition
- Web Security & Encryption
- Strong organizational skills
- Ability to work under time and resource pressure
- An ability and desire to communicate and work with a broad set of stakeholders
- A customer-focused, responsive, and transparent attitude
- Competent in understanding solution designs and equipment configurations used to deliver a wide range of IT and telecommunications solutions
- Competent in applying security policies and principles defined in security architecture to real world scenarios
- Understands and applies risk management principles
- Effective communication skills to influence stakeholders and explain complex security requirements in simple terms
- Establishing and maintaining single point of contact relationship with key project manager(s)
- An industry security certification. CISSP is strongly preferred.
- An Architecture qualification (TOGAF) is desired.
Benefits & conditions
Pulled from the full job description
- Employee discount
- Company pension
- Paid volunteer time, We care about our people's success by offering great pay, bonuses, up to 28 days off plus bank holidays, and paid time for charity work. You can personalise our benefits for you and your family, like discounts, vouchers, a pension plan and loads more. We help with your career through our amazing learning tools and top-notch parental leave policies.
