Latest Jobs at Vodacom

Role Purpose

The role of the Senior Specialist: Technology Security is to drive the delivery of the abovestrategy in the Vodacom Group Network and Engineering team and monitoring progress against targets set with the primary objective of safeguarding Vodafone/Vodacom customer data and infrastructure from Cyber Threat Actors. This role will involve working with stakeholders in Vodacom South Africa to drive out Cyber Security requirements and baseline requirements in Networks – some requirements may carry over into the Operating Companies to ensure consistency is applied to the control environment. The role is responsible to guide the efforts ofthe Networks team to implement day-to-day cyber prevention, detection and response controls.

Your Responsibilities Will Include

• Identify key stakeholders and develop and grow relationships and influence to further embed the security requirements in IT, Networks and Business.
• Understand and research the Cyber threat landscape, trends, regulatory requirements and new technologies.
• Apply best practices in order to provide practical security guidance to stakeholders in the market and that are sensible and fit for purpose.
• Consulting and engagement with various business units on our Secure By Design process for new and older systems or applications – including the appropriate risk assessments and penetration tests are conducted.
• Ensure that the process to onboard and adopt the Cyber security capabilities across the networks team is adhered to.
• Provide insights into group and global cyber security solutions are meet local requirements from a functionality, capability and cost perspective.
• Report on Security Targets for the area and back to stakeholders
• Ensuring all Group initiatives and programs are securely implemented within policy and any risks are actively managed.

The Ideal Candidate For This Role Will Have

• Must have technical / professional qualifications:
• 3 year Technical Diploma/ Degree in Information Security, Computer Science or Electrical Engineering (communication).
• 5-10 years’ experience in the technology security or IT security function and Matric with 5 years’ experience in Networking plus a CISSP Certification or CISM Certification is preferable.
• Minimum of 4 years’ experience in an ICT environment specifically pertain ing to Security concepts and technologies - with Networking Experience being critical. (Defensive and Offensive security, Security Architecture, Application Security, OWASP, SANS, NIST, ITIL, TO GAF, ISO27001, is essential).
• 2 years’ experience in Fraud / Technical Security / Risk Management is essential.
• 1years’ experience in operational security audits is desirable.
• Knowledge of security domains (access control, network security, operation security, encryption, etc.).
• Knowledge of security concepts and technologies. (Defensive and Offensive security, Security Architecture, Application Security, PCI DSS, OWASP, SANS, NIS T ,etc.)
• Knowledge of Fraud and Technical Security relations

Closing date for applications: 06 July 2020

go to method of application »

The Purpose Of This Role

The purpose of the role is to manage and lead the Technology Security Cyber Security Baseline Assurance needs across Vodacom Group. To further provide security assurance, guidance and support to high profile projects according to company defined policies and requirements, best practice and local/international standards (PCI, SOX, ISO27001, GDPR, POPIA and Cyber Crime Bill of 2015) relevant to the technology security area. This role requires the individual to have credible experience in Information Security and Cyber Security Governance, Risk and Assurance based on proven frameworks such as COBIT 5, ISO27001/2, and the NIST Cybersecurity Framework. As a key member of the Vodacom Group Technology Security team, the candidate should be comfortable with driving information security assurance ideas and communicating clearly with technical as well as non-technical audiences.

Closing date: 06 July 2020

Your Responsibilities Will Include

• Provide supervisory technology security assurance, guidance and support to the Vodacom Group
• Assure that security is embedded in IT System and Network Infrastructure (Mobile, IS and Enterprise) across the Vodacom Group
• Defining, implementing and efficiently maintaining technology security controls and requirements
• Ensure timely delivery of technology security assurance and support for projects
• Ensure compliance with Legal and Regulatory requirements
• Provide SME input to Technology Security Policy requirements and procedures
• Support Technology Security awareness programs and educational efforts
• Provide accurate and timely reporting of technology security risks identified during project engagement and propose remediation and mitigation options
• Fulfil key customers’ obligations and stakeholders’ expectation
• Participate in creation and execution of technology security strategy
• The role requires the individual to monitor information security governance, risk, and compliance by Vodacom Corporate IT, Mobile and Enterprise Business domains
• Engage with the stakeholders on control effectiveness and deficiencies in the design and operating effectiveness of information security controls, design and recommend opportunities for continuous improvement;
• Interpret and manage the controls and capabilities required for Vodacom to establish and comply with an information security management system in alignment with information security international best practice and/or industry standard(s);
• Develop, manage and implement the Vodacom information security audit and assurance plans and schedules, including any specific business needs and requirements (including PCI, ISO27001, GDPR, POPIA, Cyber Crime Bill)
• Manage and conduct formal information security risk analyses, reviews, tests, audits and/or self-assessments;
• Design appropriate remedial actions for identified risks, drive remediation of findings and management of risks and exemptions;
• Participate in IT general controls and compliance testing activities and/or audits;
• Report information security risks in an appropriate way for different audiences;
• Collaborate with various key stakeholders, and provide information security advice to stakeholders

The Successful Candidate Will Have

• Bachelor’s Degree or National Diploma in Computer Science, Information Systems or other related field
• A minimum of 5 years relevant work experience of which at least three years is in designing, developing, deploying and/or administering infrastructure solutions
• Experience of current and emerging virtualization, infrastructure, and cloud and containers technologies and architectures, such as Windows, Linux, AWS, Azure, Openstack, Docker etc.
• Experience of configuration management and automation tools such as Puppet, Chef, Ansible, Salt etc.
• Experience working with programming and scripting languages, such as Ruby and Python
• Experience working closely with agile methodologies, such as Scrum, XP, and with teams leveraging DevOps and Continuous Delivery / Integration
• Strong understanding of IT management best practice frameworks, such as ITIL and COBIT
• Professional experience and knowledge of the Telecommunications industry preferred

The base location for this role is, Corporate Park, Midrand