19 days ago
The primary responsibility of the Cyber Security Engineer would be to focus on identification, monitoring, management, and communication of Cyber Security Risks and Compliance. To perform this this role s/he would be responsible for;
- Maintaining Cyber Security Policies – Responsible to review and communicate Cyber Security policies within the company. Ability to develop security policies and guidelines based on best practices and industry standards
- Assisting in defining strategy, blueprint and roadmap in relation to Cyber Risk, Compliance & Governance for the various aspects of Security, including those that cut across IT and Networks.
- Lead in ensuring compliance with internal Cyber Security Framework
- Management of Cyber Security Risk Management framework – Conducting thorough risk analysis, interpreting the associated risks and their classification, proposing risk remediation actions and tracking of the mentioned risks. The chosen candidate for this role will also be responsible for the communication of Cyber Security risks to Management.
- Supporting project compliance and risk management through close alignment with project delivery teams and conducting security Assessments.
- Build and conduct an internal audit programme. Effectively communicate audit findings and related recommendations in both technical and non-technical terms to management and respective teams. Take an active role during audits performed by third parties.
- Risk assessment and security vetting for new and existing 3rd parties to ensure adherence to Vodafone’s policies and processes.
- Assist in the development and conduct the necessary Cyber Security Awareness and education within in the company.
- Work closely with the Cyber Security team members to follow-through on compliance requirements and risk treatment.
Core competencies, knowledge and experience
- Bachelor’s degree in the relevant technical field and/or specialised security certification
- At least 2 years work experience in cyber security roles involving security compliance, risk management, security audits and information governance
- Information Security relevant certifications (e.g. CISA, CISSP, CISM)
- Strong knowledge of current and emerging cyber security risks, and innovative risk management methods and solution
- Ability to collaboratively develop a risk strategy in conjunction with stakeholders
- Strong analytical thinking, written, and oral communication and presentation skills
- Must have the ability to influence others and work at all management levels across the organizational structure
- Skilled at planning, tracking plans, working cross department to review processes and controls, gathering and organizing documentation and test results
- Demonstrated knowledge and experience in ISO27001, PCI-DSS, NIST or SOC compliance and compliance to the GDPR legislation
- Ability to adapt to a dynamic, rapidly changing business and technical environment