Our purpose at Vodafone is to connect for a better future. As a Global Communications Technology company, we put the customer at the heart of everything we do. We are passionate about pushing boundaries and discovering innovative ways to connect our customers with their digital societies. We connect people, businesses, and communities across the globe to create the future. We earn customer loyalty, experiment, learn fast and get it done, together. Join our journey as we connect for a better future.
Secure by Design Manager (NaaP) (m/f/d)
The Vodafone Tech Innovation Center Dresden is Vodafone’s new global center for innovation and co-creation with other top tech world-wide companies, universities and research institutes. The scope of this new hub is to improve peoples' lives by innovating communications and empower businesses for a digital and sustainable future. We use newest technologies such as 5G, 6G, Augmented Reality, Artificial Intelligence, Data Analytics and Security by Design in order to build new products and propositions for health, industry, transport, automotive, agriculture and many more. Dresden is a dynamically growing high tech region in the heart of Europe with a strong industrial focus, excellent research landscape. At the same time Dresden is a great place to live with manifold culture, unspoiled nature and an international and family friendly environment. The ideal spot for creativity and innovation.
What will you be doing?
As a Secure by Design Manager (NaaP) (m/f/d) in the Global Cyber Strategy & Secure by Design team you will
- act as the interface between the technical disciplines and the business to carry out technically orientated security assessments, setting security requirements for new products and services, and assessing compliance and risk.
- have an important advisory role across the business and you will be required to provide security design and architecture guidance as well as general security consultancy, you will act as cyber coach to agile projects and programme teams to ensure that future infrastructures and products for Vodafone globally are secure.
- be subject matter expert for Cyber Security and work closely with solution architects, designers, and developers.
- cover the Cyber related aspects of the Security and Privacy by Design and Assurance process for new products and service development.
- scope and coordinate security penetration testing prior to product launch.
In this role you specifically will have a focus on Secure by Design for the Networks-as-a-Platform (NaaP) program, and you will
- manage all security assessments for API development and corresponding IT landscape,
- lead interaction between the Vodafone Group and local market security teams for input of requirements into the design,
- manage the risk acceptance process with product owners and other stakeholders,
Impact on the business:
- You will provide that all global products, services, and infrastructure for Enterprise customers, consumers, or those being used internally by Vodafone are secure by design and will meet an appropriate technology security level and demonstrate that all potential risks are being mitigated to an acceptable level to assure the confidentiality, integrity and availability of systems and data.
Customers, supplier and third parties:
- You will provide advice and guidance to internal and external customers on security related matters.
- You will define, communicate, and ensure that suppliers and third parties understand and comply with Vodafone’s security standards.
Leadership and teamwork:
- Leadership and teamwork are essential in this role, you need to work closely with the business and technology architecture teams, design and operations teams, and with the other security teams e.g. Risk & Compliance, Ethical Hacking, Security Operations, and Corporate Security. You will also be required to manage external resource and coach Security Champions in the agile teams.
Innovation and change:
- You will help change the perception that security is an inhibiter, and work to demonstrate that security can be a business differentiator by enabling the business with secure by design for its products and services.
It would be nice if you have:
Core competencies, knowledge and experience:
- proactivity and an attitude to identify best practices that can be spread to other APIs
- communication skills:
- the ability to communicate security requirements and risks to all levels of the business
- the experience to explain complex technical matters to non-technical business executives and to give clear guidance for implementing security controls in complex environments
- profound professional experience in information technology, Cyber security as well as experience with security in agile ways of working, DevSecOps
- good knowledge/experience with securing of cloud environments (ideally AWS), web services and API security (platform & microservice layer), container security, connectivity, user access management, networks and penetration testing experience is beneficial
Must have technical / professional qualifications:
- university degree in Information Security or equivalent
- one or more of the following: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
- 5+ years work experience in the field of cyber security
- 3+ years work experience with Platform/API/Microservice architecture review
- experience with modern cloud architectures and technologies
This position may be full-time or part-time (minimum 30 hours).
Severely disabled applicants will be given special consideration if they are equally qualified.
We are filling this position for Vodafone Group Services GmbH.
What's in it for you?
- Full Flex Office - opportunity to carry out your work, in agreement with your line manager, up to 75% at a suitable location of preference in Germany, and up to 20 working days per year from other EU countries
- Additional benefits of Full Flex Office: Refund of major part of the costs for your Vodafone fixed network and internet connection and provision of equipment, e.g., a monitor for your home office
- Monthly discount on Vodafone mobile phone contracts
- Vodafone family and friends discount
- Access to our internal learning platform and LinkedIn Learning
- 30 days holiday and holiday plus - option to buy additional 10 days
- Generous global parental leave policy
- Access to online sport courses
- Car and bike leasing options
- Attractive salary and a modern company pension, financed by Vodafone
Together we can