Security Assurance And Compliance

Europe
  1. Full Time
  2. IT/Technology
000000254452
Posting date: 13 Jun, 2019

Role Title: Principal Group Entities Risk Management & Compliance

Location: Newbury
 

At Vodafone Group we build connections to all our Global operations, acting as an advisory board to drive consistency and customer excellence across 30 countries and for over 420 million customers. We are constantly uncovering tactics to innovate the way we operate, set our global standards or lead our strategic performance. By joining Vodafone Group, you will be part of evolving our digital world of total communications. Now is the time to get on board.


Technology

As a bold global technology leader, our products and services touch the lives of millions, as well as lending a huge helping hand to some of the country’s most crucial organisations. 
From contactless payments to connecting emergency services, our technology delivers some truly exciting initiatives, not to mention the incredible connections we make on a global level every single day. We rely on the brightest sparks to help us deliver new innovations. So if you believe, like we do, that technology can help us imagine, create and realise a more connected future – then we need you to help us achieve that goal! 


We’re focused on building the best network, providing a knockout digital experience and giving back the very best to our business customers.  What links us all together is that we are all customer obsessed, innovation hungry and ambitious! Are you?


Role Purpose: 
  • Deals with Group Entities’ key stakeholders and reports directly to the Head of Cyber Security Group Entities, with a dotted line to the Head of 2nd Line of Defence Risk & Control
  • Accountable for driving day-to-day activities aimed at keeping risk within tolerance for all Group Entities
  • Accountable for assessing the risk management process inside Group Entities, ensuring that it is coherent and aligned with the standards dictated by the 2nd Line of Defence, providing reporting and driving activities to build or rebuild the risk management process
  • Accountable for compliance requirements/metrics with respect to internal policies, guidelines and legal requirements (e.g. ISO, SOX, PCI, GDPR)
  • Accountable for ensuring that all non-compliances and control/policy failures or weaknesses highlighted during audits or pre-audits (such as ISO27001, SOX and PCI) are followed by remediation actions, and for reporting any possible criticality to the Group Entities’ CIO-like roles and internally as well
  • Accountable for assessment, evaluation, monitoring and reporting of the key management process for all Group Entities. For key management, the role is also accountable for driving the change needed to have the process in place (private and public key lifecycles, certificate generation, certificate authority validation and so on)
Joining us as a Principal Group Entities Risk Management & Compliance, you can be part of our empowering terminals function. The Future is exciting. Ready?


With us you will:
  • Act as facilitator in the relationship between Group Entities and the Cyber Security second line of defence on security risk management & compliance topics, supporting the definition of new procedures and internal/external auditing
  • Be responsible for building risk awareness by providing guidance for support and training within the Group Entities towards the 2nd Line of Defence
Apply if you have:
  • Strong experience of developing and implementing policy and controls aligned with information security standards such as ISO27001
  • Experience and understanding of the Payment Card Industry data security standards (PCI-DSS)
  • Solid knowledge about ITIL Process Design, SOX, Segregation of Duties and User Access
  • Experience in conducting internal and external audits
  • Thorough understanding of the key management process
  • Leadership experience in managing virtual and geographically split teams
We’re happy if you have:
  • UK government Clearance to SC level
  • Detailed level of understanding of ISO 27001, PCI DSS and preferably ITU-T X.805.
  • An understanding of Corporate Governance principles and relevant legislation (e.g. Sarbanes Oxley)

Commitment from Vodafone

 

Vodafone is committed to attracting, developing and retaining the best people by offering a motivating and inclusive workplace in which talent is truly recognised, developed and rewarded. We believe that diversity plays an important role in the success of our business and we are committed to creating an inclusive work environment which respects, values, celebrates and makes the most of people’s individual differences - we are not only multinational but multicultural too. At Vodafone you will have access to our excellent benefits programme that you would expect from any global company. If you have any questions, please don’t hesitate to reach out to us on careers@vodafone.co.uk

 

If you have any questions left

 

Check out the application process and get to know us better here: https://careers.vodafone.co.uk/technology/

 

Read more stories here: https://careers.vodafone.co.uk/posts

 

For any technical difficulties with submitting your application, please contact group.resourcing@vodafone.com

 

The future is exciting. Ready?

 
