Share this Job

Security & Compliance Expert

Posting Country:  Germany
Date Posted:  08-Oct-2021
Full Time / Part Time:  Full Time
Contract Type:  Permanent

At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this. 

We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.

With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Location: Ratingen, Germany

Role purpose:

This purpose of this role is to ensure, control and improve the proper remediation of infrastructure, application and middleware vulnerabilities for services managed by VF Group as well for improving IT Service processes for patch & vulnerability management.
The overall goal is to reduce the risk of internal/external cyber-attacks by keeping VF infrastructure and services compliant to security requirements in order to protect Vodafone brand, the business services and their values.
The Security & Compliance Expert is accountable to manage & coordinate all patching and remediation activities and provide internal reporting for local markets/group functions in scope.
This role is responsible to enable, initiate, track & monitor the patch and track & monitor vulnerability remediation and closely interact with supporting Group functions like Change Management. Close interaction and alignment with Local Market application teams, service owner and local market CTSOs is necessary to successfully deliver on the role.
This includes:
• Planning of TSSC activities for patch management and coordination of the remediation  
  activities according to appropriate planning
• Promote security awareness & standard maintenance window activities between Local Markets and  
  Group & Security functions (standard patch /batch cycle)
• Act as the focal point during patch planning and execution phase
• Review and support to improve IT Services processes and procedures  in order to ensure an efficient 
  O.S. patching of  the whole installed baseline

• Support the Risk Acceptance activities

• To support and drive server related decommissioning programs whilst maintaining the highest level of service availability to Vodafone customers and coordinate investigations regarding the usage of legacy environments to optimize the estate where needed

• Drive the improvement and automation of related patching and vulnerability management work

This role will also support clean-up activities (e.g. CMDB data quality) and server related decommissioning activities whilst maintaining the highest and most secure level of service availability to Vodafone customers. The Security & Compliance expert will support and independently run technical and organizational investigations regarding the usage of legacy and End of Service life environments to optimize the security level of the estate where possible. Supports/drives improvements on organizational /process /tool level.

With us you will:
• Patch management & coordination as per Patch Process
• Vulnerability Management & Remediation coordination
• Security Maintenance Window:  Align with local markets regular maintenance window calendar in order to e.g. facilitate and accelerate security patch cycles.
• Maintain asset CMDB quality baseline for areas in scope . This includes Business Service relations, their Ownership, correctly documented maintenance windows and analysis for potential Decom candidates as part of the daily server/patch coordination

Apply if you have:
• Strong ITIL Awareness, min. certification at foundation level and very strong process skills
• Strong read/write capabilities in English
• 5-8 years proven IT Service experience with knowledge of IT platforms, operating system or application services in conjunction with IT Security experience
• Structured, organized and conscientiously
• Very good communication abilities
 Must have technical / professional qualifications:
• As above
• General security and vulnerability knowledge
• ESA Bladelogic knowledge




Vodafone is committed to attracting, developing and retaining the very best people by offering a motivating and inclusive workplace in which talent is truly recognised and rewarded. We are committed to promoting Inclusion for All with the belief that diversity plays an important role in the success of our business. We actively encourage everyone to consider becoming a part of our journey.