Information Security Manager

Long

Location: Newbury, hybrid working
Salary: Excellent basic salary plus bonus and Vodafone benefits
Working Hours: Full time 37.5 hours per week – Mon to Fri

 

 

At Vodafone UK we believe that through collaboration and connection with our colleagues we can achieve great things. Our hybrid working approach allows our people to work both in the office and at home, providing the flexibility and resources you need to succeed in your role. We don't require you to be in on specific days; instead, we ask people to come into the office 2-3 days each week, on average 8 days a month. Our “Office in a Box” home working kit will provide you with everything you need, no matter where you are.

 

 

Who We Are

 

 

At Vodafone UK, diversity isn’t just a buzzword, it is core to who we are as a company. We’re proud to be certified as a Great Place to Work and are committed to driving inclusion for all; creating a workplace that is fully representative of the communities and customers we serve.

 

 

Join us at the heart of Vodafone UK in Corporate, one of the central support functions that underpin our business and keep us moving forward. We provide centralised support, expertise and guidance across our UK and Group operations, continuing to build on our success and trailblazing the way to our next stage of digital growth.

What you'll do

 

 

The Government Security Team is responsible for providing operational support to government and law enforcement agencies in order to meet our obligations under the Investigatory Powers Act.  Technical solutions are at the heart of our ability to meet these obligations, and in the process, help fight serious crime and save lives.  We offer an industry leading capability and need the best people to ensure we maintain this.

 

 

As the Information Security Manager you will be the security authority and primary point of contact for the team.  You will be accountable for ensuring our operation, platforms and data are secure.  You will implement appropriate methodology, processes and controls to ensure that solutions are secure by design, effective operational and technical security controls are in place and both Vodafone and our suppliers remain compliant with the stringent security requirements placed upon us.

 

 

• Implement and manage a security governance framework incorporating internal and external stakeholders creating a security focussed, collaborative culture with all parties.
• Review, interpret and maintain compliance with external (HMG) security requirements and Security Aspects Letters, ensuring appropriate requirements are cascaded to vendors and suppliers and compliance assured.
• Forge and maintain excellent working relationships with other Vodafone security teams ensuring continued awareness of current standards, policies and processes, applying these where appropriate within Government Security.
• Implement and manage a robust risk management framework for Government Security, taking ownership and accountability of risk registers as SIRO for the function.
• Develop, implement and maintain effective security incident management processes, incorporating reporting, recording and resolution.
• Produce, publish, maintain and ensure compliance with local security operating procedures incorporating all physical locations, operations and personnel.
• Manage the annual IT Security Health Check process to include scoping, supplier engagement, review and remediation of findings.
• Identify opportunities and drive changes to improve security of compliance systems taking proactive steps to protect against emerging threats.

 

 

Who you are

 

 

• Security Cleared to SC level and be willing to undergo higher level clearance checks if required.
• Recognised Information Security certification such as CISSP, SSCP, CISM, ISO27001 lead auditor or extensive experience in working with ISO27001 or similar security framework.
• Information security risks as well as processes, technologies and tools to mitigate these risks – preferably including the specific risks and countermeasures in the Telecommunications environment.
• Information security domains - access control, network security, operation security, encryption, etc.
• Sound working knowledge and experience of different technologies including cloud (preferably AWS) web applications, infrastructure and operating systems.
   

Desirable Skills and experience;

 

 

• Previous experience of communications data and IPA compliance systems.
• Knowledge of current UK legislation (IPA, GDPR etc).
• A good understanding of Mobile Telecommunication Concepts including 5G, 4G and 3G Telecommunication Network Concepts .
• Experience of security concepts and technologies (defensive and offensive security, security architecture, application security, PCI DSS, OWASP, SANS, NIST, etc.).
• Previous experience working in IPA compliance systems as well as experience of working with Telecommunications Data.
• Experience of working within formal security frameworks.
• Familiar or experienced with legislation or regulation such as: Investigatory Powers Act, NS&I, PECR, GDPR

 

 

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about Inclusion for All and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to apply as you may be the right candidate for this role or another role, and our recruitment team can help you see how your skills fit in.

 

 

What we offer

 

 

We believe that taking care of our employees is the key to their success. That is why we offer an excellent remuneration and bonus package with up to 28 days holiday entitlement, in addition to bank holidays and paid leave for charity projects. We offer an extensive benefits package that can be tailored to suit you and your family, including employee discounts, retail vouchers, pension plan and share schemes. We take pride in our commitment to supporting you at every stage of your career by providing top of the range learning and development tools and market leading parental leave policies.

 

 

Together we can

 

 

Vodafone UK are regulated by the Financial Conduct Authority and all offers of employment for this role are subject to background checks, including criminal (DBS) and financial checks to meet the regulators standards.

 

 

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, a sign language interpreter, or assistive technology, please refer to the Accessibility section of our Careers website (https://careers.vodafone.com/uk/applying-to-vodafone/) for guidance.

 

 

#LI-Hybrid
#vodafoneuk