Share this Job
Apply now »

Security Testing & Life Cycle Assurance Specialist (f/m/x)

Posting Country:  Germany
Date Posted:  18-Jun-2021
Full Time / Part Time:  Full Time
Contract Type:  Permanent

At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this. 

We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.

With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Location: Ratingen, Germany

The purpose of this role is to manage, control and improve IT Security Lifecycle related activities within the Group Datacenter organisation for specific controls (security hardening & endpoint protection) and to ensure quality, completeness and correctness across security controls in scope of the Group Datacenter.
The overall goal is to reduce the risk of internal/external cyber-attacks by keeping VF infrastructure and services compliant to security requirements throughout the entire lifecycle process starting from the Build/QA phase until the decommissioning of the environment in order to protect Vodafone brand, the business services and their values.
This role will initially define and then globally roll-out and industrialize a Security Assurance and lifecycle testing hardening and endpoint protection framework for the on-premises data centre services covering all main technologies as well for the entire environment of Public Cloud Services and will therefore ensures that critical and key Cyber Security Baseline controls are properly and sustainable implemented.
The Security Testing & Life Cycle Assurance Specialist:
• takes full responsibility to manage and ensure security coverage and compliance for IT Security Hardening and Endpoint Protection for on-premise and Cloud solutions
• manages onboarding of the large scale GDC managed estate into the global technical solutions for hardening and endpoint protection
• coordinates hardening and endpoint protection security remediation work into the IT OPS teams incl. tracking of progress and full reporting on technical as well on executive management level
• monitors that global lifecycle programs such as “Windows Monthly Patching Cycle” are executed as per plan considering full coverage and successful execution (100% conformity, completeness and correctness)
• analyse data to identify and determine root causes to address and resolve security data quality gaps across GDC product owners and key stakeholders to ensure a high data quality and sustainable complete and correct data baseline as the pre-requisite to execute the security testing and lifecycle security testing. Recommend long-term solutions
• Accountable for regular and effective security life cycle reporting for security testing and lifecycle across security controls and global initiatives (such as CCS, SEP, WMPC, SECURED) for different audience (TLT, Service Review meeting, technical teams)

The Security Testing & Life Cycle Assurance Specialist combines deep technical skills on operational security combined with excellent adaptive communication skills as well strong agile methodologies to ensure the “secure by design” principle through the entire IT lifecycle Management and coordination with technical support functions like _VOIS “Infrastructure Management” or “Security & Testing” teams (onshore and offshore) as well. Close collaboration with Group Cyber Security teams and with key stakeholders inside Local Market /Group Functions is mandatory to successfully deliver on the role.

With us you will:
• Testing and Security Life Cycle for hardening and endpoint protection are applied for on-premises as well Public Cloud
• Keep systems up-to-date for endpoint protection
• All security lifecycle deviations for hardening and endpoint protection are either addressed for remediation or managed with Risk Acceptance
• Security reports on coverage & compliance are provided as per policy & shared with LM/GF, as well with TLT
• Accurate, consistent, reliable security data to be stored into central repository (e.g. CMDB / internal security tool)


Apply if you have:
• 4-6 years proven IT Service experience with knowledge of IT platforms, operating system or application services in conjunction with IT Security experience
• Structured, organized and conscientiously
• Very good coordination and communication abilities
• Very strong coordination, analytical, presentation skills and read/write capabilities in English, strong read/write capabilities in Italian (C1)
• Deep skill with assets configuration management and security /discovery tools
 Must have technical / professional qualifications:
• Bachelor’s /Master degree in IT engineering, business management or prove of comparable working experience.
• General background of IT service & security management & governance (e.g. patching, VN remediation, hardening, endpoint protection)
• General understanding of SOX, ISO/IEC 27001, ISO/IEC 27000,  ITIL and agile methodologies
• Deep skill on technical environments such as ESA Bladelogic, ADDM, SecTool, CCS, SEP
Ability to work across international and distributed teams in a virtual environment and to deal with international customers and partners.



Vodafone is committed to attracting, developing and retaining the very best people by offering a motivating and inclusive workplace in which talent is truly recognised and rewarded. We are committed to promoting Inclusion for All with the belief that diversity plays an important role in the success of our business. We actively encourage everyone to consider becoming a part of our journey.

Apply now »