Cyber Security Architect

Please see below job description :

Experience - 6yrs+

Location - Pune / Bangalore (Hybrid)

The Secure by Supplier Manager is responsible for identifying, assessing, and mitigating Cyber security and regulatory risks associated with third-party suppliers. This role ensures Vodafone’s compliance with UK-specific regulations, i.e., the UK Telecom Security Act, and embeds secure-by-design principles into supplier engagements from the earliest stages.

The role holder will focus on implementing secure by design principles.

Key responsibilities include :

Performing technical assessments of a supplier’s security posture and compliance to UK regulatory requirements during supplier sourcing and contracting.

Measuring the security & compliance risk, documenting all findings and provision of a security recommendation into the sourcing decision

Engaging with external suppliers to clarify, understand & influence their regulatory compliance and general security position.

Management of multiple stakeholders and functional subject matter experts in order to verify a security position and drive effective decision outcomes

Being the technical subject matter expert in the communication of security risks when liaising with the business, technology and third-party vendors.

Identifying required contractual provisions to mitigate and minimise the risk to Vodafone and support Supplier Cyber Security in their negotiation of contractual security requirements.

Core competencies, knowledge and experience :

Experience of pre-sales environment, identifying and assessing risk through evaluation of responses in order to determine a security recommendation

Ability to deal with complexity, collaborate effectively and communicate security requirements and risks to all levels of the business. The experience to explain complex technical matters to non-technical business executives is crucial.

Experienced in managing stakeholders at different levels of the organization.

Strong professional experience in information technology, Cyber security with a good level of technical depth, ideally gained in a similar role

Good knowledge / experience in securing of cloud environments and web services, container security, connectivity, user access management, networks and penetration testing

experience beneficial.

Good knowledge / understanding of security governance within the delivery types such as Software as a Service, Platform as a Service and Infrastructure as a Service and working alongside the vendor solutions as wel

Must have technical / professional qualifications :

Expertise in fixed, mobile networks and networking generally.

University degree in Information Security or equivalent

One or more of the following : CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent

5+ years work experience in the field of cyber security