Security Controls Manager

Vodafone Limited, Newbury, West Berkshire

Security Controls Manager

Salary Not Specified

Vodafone Limited, Newbury, West Berkshire

  • Full time
  • Permanent
  • Onsite working

Posted 2 weeks ago, 4 Dec | Get your application in now before you miss out!

Closing date: Closing date not specified

job Ref: c3bc68ced0cd4e17b9cadb6cc706108b

Full Job Description

Purpose:   The Security Controls Manager is responsible for developing the methodology and framework for managing Cyber security controls to reduce risk in line with Vodafone's tolerance. They will also lead programmes to implement and improve these controls as part of the Cyber Health & Adaptive Risk Management (CHARM) initiative, or other related programmes as required. The outcome is that the maturity of the Cyber 2nd line of defence function is increased, and we are more effective at reducing risk.  The role holder will be required to influence and guide colleagues from Cyber Security, wider Technology and in all markets and functions as well as collaborating with other functions including Privacy and Corporate Security.  What you'll do    

  •     Develop, document, and set up processes to enhance the updated CHARM control framework in line with our Cyber strategy including the support of regulatory requirements such as NIS2.
  •     Define criteria for control effectiveness and measurement as well as advising on tools to support the methodology. 
  •     Work closely with risk management and assurance teams and ensure that the methodology properly supports the integration of risks, threat scenarios, attack techniques, controls and automated measurement / assurance in order to deliver true risk reduction value.
  •     Provide guidance to other staff on the methodology, control implementation and best practice
  •     Obtain and implement input from subject matter experts and operational teams for developing the control framework and Key Risk Indicators further
  •  Who you are  
  •     Familiarity with security risks and controls (processes, technologies, tools) to mitigate these risks as well as hands-on experience with the design, implementation and operation of a methodology to manage the controls
  •     Preferably knowledge of
  • o    ISO 27001, NIST CSF and other industry frameworks for Cyber controls o    Regulatory requirements that have Cyber security elements such as NIS2, DORA and CRA o    The MITRE ATT&CK knowledge base
  •     Experience with complex IT environments and knowledge of different technologies (web applications, infrastructure, operating systems, databases, and Cloud)
  •     Experienced in managing stakeholders at different levels up to senior management
  •     Attention to detail, strong analytical skills, efficient problem-solving capability, strong oral and written communication skills including the ability to communicate complex matters in simple terms
  • What's in it for you
  • Discretionary yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity/adoption leave: 52 weeks out of which the first 13 weeks are fully paid followed by 26 weeks of half pay and 6 months - working 4 days, getting paid 5
  • Paternity leave: 16 weeks fully paid
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
  • Who we are You may have already heard of Vodafone - We're a leading Telecommunications company in Europe and Africa. But what you might not know is that we are continuously investing in new technologies to improve the lives of millions of customers, businesses and people around the world, creating a better future for everyone. As part of our global family, whether that's Vodafone, Vodacom or _VOIS, you'll feel a sense of pride and purpose as you contribute to our culture of innovation. We pursue equality of opportunity and inclusion for all candidates through our employment policies and practices. We recognise and celebrate the importance of diversity and inclusivity in our workspace and we do not tolerate any form of discrimination especially related to but not limited to race, colour, age, veteran status, gender identification, sexual orientation, pregnancy, ethnicity, disability, religion, political affiliation, trade union membership, nationality, indigenous status, medical condition, HIV status, social origin, cultural background, social, or marital status. Together we can. #TogetherWeCan #Together_We_Can

  • Familiarity with security risks and controls (processes, technologies, tools) to mitigate these risks as well as hands-on experience with the design, implementation and operation of a methodology to manage the controls
  • Preferably knowledge of
  • o ISO 27001, NIST CSF and other industry frameworks for Cyber controls o Regulatory requirements that have Cyber security elements such as NIS2, DORA and CRA o The MITRE ATT&CK knowledge base
  • Experience with complex IT environments and knowledge of different technologies (web applications, infrastructure, operating systems, databases, and Cloud)
  • Experienced in managing stakeholders at different levels up to senior management
  • Attention to detail, strong analytical skills, efficient problem-solving capability, strong oral and written communication skills including the ability to communicate complex matters in simple terms

    You may have already heard of Vodafone - We're a leading Telecommunications company in Europe and Africa. But what you might not know is that we are continuously investing in new technologies to improve the lives of millions of customers, businesses and people around the world, creating a better future for everyone.
  • As part of our global family, whether that's Vodafone, Vodacom or _VOIS, you'll feel a sense of pride and purpose as you contribute to our culture of innovation. We pursue equality of opportunity and inclusion for all candidates through our employment policies and practices. We recognise and celebrate the importance of diversity and inclusivity in our workspace and we do not tolerate any form of discrimination especially related to but not limited to race, colour, age, veteran status, gender identification, sexual orientation, pregnancy, ethnicity, disability, religion, political affiliation, trade union membership, nationality, indigenous status, medical condition, HIV status, social origin, cultural background, social, or marital status. Together we can. #TogetherWeCan #Together_We_Can

  • Discretionary yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity/adoption leave: 52 weeks out of which the first 13 weeks are fully paid followed by 26 weeks of half pay and 6 months - working 4 days, getting paid 5
  • Paternity leave: 16 weeks fully paid
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan