Cyber Security Assurance Tech Lead

Job Description

Join Us

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

What you’ll do

About the Role

We are looking for a Cyber Security Assurance Tech Lead to join our team and play a key role in delivering and supporting penetration testing and security assurance activities across Vodafone’s digital environment. This role is responsible for performing penetration testing engagements, supporting security assessment activities, conducting vulnerability analysis, and ensuring the security posture of web applications, mobile platforms, networks, and cloud environments.

As a Cyber Security Assurance Tech Lead, you will work closely with technical teams, vendors, and business stakeholders to identify, assess, and remediate security vulnerabilities while ensuring compliance with Vodafone’s cyber security policies, standards, and best practices.

Who you are

Job Responsibilities:

• Perform penetration testing activities on web applications, mobile applications, networks, APIs, and cloud environments to identify security vulnerabilities and weaknesses.
• Support penetration testing activities conducted internally or through third-party vendors, ensuring proper execution and reporting.
  
• Conduct vulnerability assessments and security analysis, providing remediation recommendations to improve the overall security posture.
  
• Validate secure implementation and acceptance of new technologies, systems, and infrastructure in alignment with Vodafone security policies and standards.
  
• Perform regular security assurance activities on existing applications and environments to ensure continuous compliance and protection against emerging threats.
  

• Participate in security risk assessments for new projects and initiatives, ensuring security risks are identified and mitigated during early project phases.
  
• Collaborate with technical teams and business stakeholders to track and remediate penetration testing findings in a timely manner.
  
• Review and validate penetration testing reports, ensuring findings are properly documented with clear remediation guidance.
  
• Stay up to date with emerging cyber threats, vulnerabilities, attack techniques, and industry best practices to continuously improve penetration testing and security assurance capabilities.

Not a perfect fit?

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity.

What's in it for you

Core competencies, knowledge, and experience

• Strong knowledge of security frameworks and methodologies such as MITRE ATT&CK, NIST, OWASP, and CIS Controls.
• Hands-on understanding of penetration testing methodologies for web, mobile, network, API, and cloud environments.
• Familiarity with hardening and secure configuration practices for servers, databases, operating systems, and applications.
• Experience in vulnerability assessment, risk analysis, and providing security recommendations aligned with business requirements.
• Ability to work collaboratively with cross-functional teams to identify, prioritize, and remediate security vulnerabilities.
• Strong analytical, troubleshooting, and problem-solving skills with the ability to communicate technical findings to both technical and non-technical stakeholders.
• Relevant certifications are considered a plus (OSCP, eWPTX, eCPPT, CEH, PNPT, or similar).

Key activities

• Follow internal delivery and governance processes to execute cyber security assurance and penetration testing activities in alignment with global and local security policies.
• Support the delivery of cyber security projects and assessments within agreed timelines and scope.
• Ensure all security assessment streams are progressing effectively and meeting their defined objectives.
• Prepare and issue reports and dashboards related to penetration testing and security assurance activities to Cyber Security and Technology Management.
• Coordinate and maintain effective communication with internal teams and external vendors involved in penetration testing and security assurance activities.
• Ensure security assessment activities and vendor deliverables are completed on time and according to required quality standards.

Who we are

We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.

Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance.

Together we can.