Cyber Security Architect

Please see below job description:

Experience - 6yrs+

Location - Pune/Bangalore (Hybrid)

The Secure by Supplier Manager is responsible for identifying, assessing, and mitigating Cyber security and regulatory risks associated with third-party suppliers. This role ensures Vodafone’s compliance with UK-specific regulations, i.e., the UK Telecom Security Act, and embeds secure-by-design principles into supplier engagements from the earliest stages.

The role holder will focus on implementing secure by design principles.

Key responsibilities include:

• Performing technical assessments of a supplier’s security posture and compliance to UK regulatory requirements during supplier sourcing and contracting.
• Measuring the security & compliance risk, documenting all findings and provision of a security recommendation into the sourcing decision
• Engaging with external suppliers to clarify, understand & influence their regulatory compliance and general security position.
• Management of multiple stakeholders and functional subject matter experts in order to verify a security position and drive effective decision outcomes
• Being the technical subject matter expert in the communication of security risks when liaising with the business, technology and third-party vendors.
• Identifying required contractual provisions to mitigate and minimise the risk to Vodafone and support Supplier Cyber Security in their negotiation of contractual security requirements.

Core competencies, knowledge and experience:

• Experience of pre-sales environment, identifying and assessing risk through evaluation of responses in order to determine a security recommendation
• Ability to deal with complexity, collaborate effectively and communicate security requirements and risks to all levels of the business. The experience to explain complex technical matters to non-technical business executives is crucial.
• Experienced in managing stakeholders at different levels of the organization.
• Strong professional experience in information technology, Cyber security with a good level of technical depth, ideally gained in a similar role
• Good knowledge/experience in securing of cloud environments and web services, container security, connectivity, user access management, networks and penetration testing

experience beneficial.

• Good knowledge/understanding of security governance within the delivery types such as Software as a Service, Platform as a Service and Infrastructure as a Service and working alongside the vendor solutions as wel

Must have technical / professional qualifications:

• Expertise in fixed, mobile networks and networking generally.
• University degree in Information Security or equivalent
• One or more of the following: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
• 5+ years work experience in the field of cyber security