Secure by Design Expert in Bucuresti

Your day to dayA Secure by Design Consultant in the Global Cyber Strategy & Secure by Design team acts as the interface between the technical disciplines and the business to carry out technically orientated security assessments, setting security requirements for new products and services, and also assessing compliance and risk. The Secure by Design Consultant also has an important advisory role across the business and is required to provide security design and architecture guidance as well as general security consultancy, acts as cyber coach to agile projects and programme teams to ensure that future infrastructures or products for Vodafone globally are secure.With these activities you will have a great impact on our businessCustomers, supplier and third parties – provide advice and guidance to internal and external customers on security related matters. Define, communicate and ensure that suppliers and third parties understand and comply with Vodafone’s security standards.Leadership and teamwork – Leadership and teamwork are essential this role, the Secure by Design manager needs to work closely with the business and technology architecture teams, design and operations teams, and with the other security teams Risk & Compliance, Ethical Hacking, Security Operations, and Corporate Security. The role holder will also be required to manage external resource and coach Security Champions in the agile teams.Innovation and change – This person will help change the perception that security is an inhibiter, and work to demonstrate that security can be a business differentiator by enabling the business with secure by design for its products and services.Communication –Must have ability to communicate security requirements and risks to all levels of the business. The experience to explain complex technical matters to non-technical business executives is crucial. The role, is expected to give clear guidance for implementing security controls in complex environments.With these skills you are a great candidate:The individual should have profound professional experience in information technology, Cyber security as well as experience with security in agile ways of working, DevSecOps. Good knowledge/experience with securing of cloud environments (one or more in the area of AWS, GCP, Azure, OCI) incl. Kubernetes (KaaS) and connectivity, user access management, network infrastructure, CDaaS / IaaS / SaaS and penetration testing experience beneficial.Profound knowledge and experience in DNS technology, Apache Kafka, CNI, Citrix env. and business requirements. This should cover classical endpoint focussed work models as well as cloud service consumption with also mobile devices and API driven Infrastructure. In addition, all collaboration (incl. Real times comms) is important.Must have technical / professional qualifications:-University degree in Information Security or equivalent-One or more of the following: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent-5+ years work experience in the field of cyber security-3+ years experience Cloud Service Security