Cyber Security Baseline Specialist - Vodafone

Vodafone is a purpose-led company. our purpose is to connect for a better future and our expertise and scale give us a unique opportunity to drive positive change for society.

Role Purpose

• To manage and lead the Technology Security Cyber Security Baseline Assurance needs across Vodafone Ghana.
• To further provide security assurance, guidance, and support to high-profile projects according to company-defined policies and requirements, best practices, and local/international standards (PCI, SOX, ISO27001, GDPR, POPIA, and Cyber Crime Bill of 2015) relevant to the technology security area.
• Should have credible experience in Information Security and Cyber Security Governance, Risk and Assurance based on proven frameworks such as COBIT 5, ISO27001/2, and the NIST Cybersecurity Framework.
• As a key member of the Vodafone Ghana Cyber Security team, the candidate should be comfortable with driving information security assurance ideas and communicating clearly with technical as well as non-technical audiences

Job Responsibility

• Provide supervisory technology security assurance, guidance, and support to the Vodafone Ghana (VFGH) team as well as Vodacom Group & Vodafone Group where needed.
• Assure that security is embedded in IT System and Network Infrastructure (Mobile, IS, and Enterprise) across the Vodacom Group.
• Defining, implementing, and efficiently maintaining technology security controls and requirements.
• Ensure timely delivery of technology security assurance and support for projects.
• Provide SME input to Technology Security Policy requirements and procedures.
• Provide accurate and timely reporting of technology security risks identified during project engagement and propose remediation and mitigation options.
• Participate in the creation and execution of technology security strategy.
• The role requires the individual to monitor information security governance, risk, and compliance by Vodafone Ghana Corporate IT, Mobile, and Enterprise Business domains.
• Engage with the stakeholders on control effectiveness and deficiencies in the design and operating effectiveness of information security controls, design and recommend opportunities for continuous improvement.
• Interpret and manage the controls and capabilities required for VFGH to establish and comply with an information security management system in alignment with information security international best practices and/or industry standards (s).
• Develop, manage and implement the Vodafone information security audit and assurance plans and schedules, including any specific business needs and requirements (including PCI, ISO27001, GDPR, POPIA, Cyber Crime Bill).
• Manage and conduct formal information security risk analyses, reviews, tests, audits, and/or self-assessments.
• Design appropriate remedial actions for identified risks, drive remediation of findings, and management of risks and exemptions.

Skills

• Monitor and Diagnose
• Incident Response
• Dev Ops
• Security
• Software Engineering
• Automation and Robotics
• Cloud
• Data Analytics and Insights
• Professional / Technical Skills
  

Qualification

• Bachelor’s Degree in Computer Science, Information Security, Engineering or Technology or other related fields.

• Minimum of 5+ years of experience in a Tech Security role.

• Knowledge of technology management/compliance frameworks such as ISO/IEC 27001, SOC 2, SOX, ITIL, COBIT, and NIST.

• Knowledge of legal, regulatory, and privacy requirements, such as Personally Identifiable Information (PII) Protection and Payment Card Industry (PCI)/Data Security Standard.