Join Us

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

What you’ll do

 

Maintenance and review of CHARM threat scenarios (currently IT and Telco, to include Supplier in future), including mapping relevant MITRE techniques to defined threat scenariosMaintenance and review of mapping of Vodafone's controls to MITRE techniques and their importance in mitigationsManaging maintenance and review of materiality analyses for each scenario, including updating reference data and scanning for updated parameters/data points to inform assumptionsEngaging SME and stakeholders to support the above while executing against a clear review calendarAssisting the team in determining the input to the quantification model including threat trend factors and incident recordsContributing to the triage, creation, update and retirement of threat scenariosReview Compliance Reports/Dashboards to identify linkages to undefined risksSupport to improve process maturity on controls and policies

Consult on risk assessment and report major risks, if any identified.

Who you are Minimum 5 years of practical experience in Risk Management Minimum 2 years of experience in cyber risk modelling, quantitative risk analysisWorking knowledge of cyber risk quantification methodology (e.g. EMV, Monte Carlo, SLE, ALE) and frameworks like FAIR or OpenFAIR, would be an added advantage and will be preferred over other candidates.Expertise in Cyber and Information SecurityUnderstanding of industry known cyber-attack kill chain and frameworks (e.g. MITRE ATT&CK)Understanding of cyber security controls (e.g. ISO27002) and how they work towards mitigating threats and specifically attack methodologiesUsed to working in a global environment and ability to adapt style to different cultures and audiencesWell-developed technical knowledge across a broad range of IT topics with strong focus on securityStrong organizational skills and self-organizedGood interpersonal and communication skills

Fluency in English

Not a perfect fit?

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity.

What's in it for you Support building of a Risk Quantification programCreation, Review, Lifecycle and maturity of Threat scenarios in accordance with Group Security Baseline and Industry

Enabling methods to quantify risks in conjunction with Security gaps and Threat scenarios

CRISC or ISO27005 Certified MandatoryCISA/CISM/ISO27001 or equivalent Trained Mandatory. Certification Optional.

CISSP/CCSK Trained will be good to have

Who we are

We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.

Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance.

Together we can.