Location: UK

Global Cyber Security’s role is to inspire trust and confidence in our customers by enabling a secure connected future for our customers and society. Our purpose is to proactively protect Vodafone & its customers by reducing the risks posed by security threats to Vodafone’s global technology infrastructure and the sensitive data it holds.

In Cyber Prevent, the Cyber Security Platform Domain Managers work closely alongside the Cyber Security Programme Managers. Collectively they work to define, and implement, global Cyber Security & Cyber Prevent strategies. They work intimately with central Technology and Cyber Security teams & globally dispersed local Cyber Security teams to ensure that all the cyber security platforms within their domains are: globally consistent; effective and efficient; have the right technical adequacy and coverage; and are delivering the optimum risk reduction effect. Consistent global management of these cyber security platforms will deliver a step change in cyber security risk reduction, for Vodafone and its customers.

The Senior Manager, Employee & Information Protection (Platform Domain), is accountable for ensuring the information security of all Vodafone employees and protecting their sensitive information. This will require the financial, and operational management, of large security vendor relationships. Relationship management and collaboration, with the Secure By Design (SBD) and the Office IT (OIT) teams, will be needed to create the technical strategy and roadmap for the Employee & Information Protection Platform Domain.

The Senior Manager, Employee & Information Protection, will act as Vodafone’s platform domain operational expert. They fully accountable, for the operational treatment of all cyber security platforms within their domain. The will use their personal experience and judgement to be able to determine quickly the optimum configuration. They will develop a set of global domain platform strategies & plans. This includes the global consolidation of platforms. They will lead the execution of these plans through virtual & matrixed operational teams; who will design, build, run & lifecycle manage all of the Information Protection security platforms in the domain across all Vodafone global entities.

The Senior Manager, Employee & Information Protection, is accountable for the operational quality and service availability of the cyber security platforms within their domain. Optimal platform effectiveness is required at all times (right tools, right rules, right coverage, right insight, and right response).

Personal leadership of Employees & Information Protection platform incident responses will be required. Orchestrating global response and action, in response to Information Protection platform alerts, in order to reduce immediate risk, is a core element of the role. Proactive identification through KPI of operational improvement programs and execution across all Vodafone global entities is a key element of the role.

The Senior Manager, Employee & Information Protection, will be required to operate effectively in a complex, dynamic, and constantly changing environment. Active & compelling engagement of teams and stakeholders will be crucial in creating the momentum required. This role will require a leader who is a highly effective communicator and collaborator to deliver the consistency & risk-reduction outcomes required.

The Senior Manager, Employee & Information Protection, will act as an ambassador for Global Cyber Security and the Cyber Code within the business. They will be advocates and role models for security best practices & consistency in approach when working with Vodafone colleagues worldwide.

With us you will:

• 
  Working with the Cyber Prevent Leadership team to define, and implement Vodafone’s Cyber Security & Cyber Prevent strategy.
• Development of a set global Employee & Information Protection domain platform strategies & plans and their execution of these plans through virtual & matrixed operational teams.
• Act as the authority, in collaboration with the SBD team, to define and lead the Employee & Information Protection domain technical strategy and roadmap.
• Full autonomy and accountability for leading an Employee & Information Protection Domain operational team who will design, build, run & lifecycle manage circa 11 cyber security platforms in the domain across all Vodafone global entities. Optimal platform effectiveness is required at all times (right tools, right rules, right coverage, right insight, and right response).
• Act as Vodafone’s Employee & Information Protection platform domain operational expert. Use their personal experience and judgment to be able to quickly determine the right operational treatment for all cyber security platforms within the domain.
• Orchestrating global response and action in response to Employee & Information Protection platform alerts in order to reduce immediate risk.
• Leadership of Employee & Information Protection platform incident responses. This role will often require personal flexibility, and may require work outside of core hours, to resolve incidents.
• Managing operational performance against KPIs. Ensure that all the Employee & Information Protection platforms within the domain are: globally consistent; effective and efficient; have the right technical adequacy and coverage; and are delivering the optimum risk reduction effect.
• Service availability & quality management of the Employee & Information Protection domain including demand management, service design, platform management, change management, licence management, and continual service improvement. Conduct regular service reviews.
• Proactive identification through KPI of Employee & Information Protection domain operational improvement programs and execution across all Vodafone global entities.
• Business management of the Employee & Information Protection domain with accountability for business cases, business benefits realisation, budget management, governance and investment deliverables, and KPIs.
• Accountability for delivery of projects within the Employee & Information Protection domain, ensuring that they have clear requirements and that any time, cost, and quality parameters are defined and maintained.
• The leadership of the global consolidation of platforms in Employee & Information Protection domain to the optimal posture.
• Management of large security vendor financial and operational relationships.
• Liaising with Cyber Security Risk, Control & Compliance to ensure that the Cyber Prevent roadmap is always aligned to Vodafone’s risk mitigation strategy with optimal risk reduction outcomes.
• Liaise with Cyber Security Demand to ensure that Employee & Information Protection domain business demands, projects and risk reduction activities are optimally scheduled and resourced.
• Adherence to Global Cyber Security governance, release, and project management standards and processes.
• Responsible for driving cross-functional Cyber Security & Cyber Prevent activities to increase the overall maturity and efficiency of the global team. This will include e2e process optimization and automation.
• Acting as an ambassador and role model for Global Cyber Security advocating for security best practices, and consistency in approach.

Apply if you have

• 
  Professional operational experience in cyber security operations or cyber security engineering, cyber security platform management.
• Track record of delivering cyber security platform operations in a complex & dynamic technology environment.
• Personal experience and judgment to be able to quickly determine the right operational treatment of cyber security platforms.
• Strong analytical skills to inform effective data-driven decisions on service improvement & risk reduction
• Ability to create strong virtual & matrixed teams across all Vodafone global entities. Creating coaching and learning environments. Knowing when to offer support to others and when to take personal accountability.
• Highly effective collaboration across globally dispersed teams in order to deliver the consistency, and risk reduction, outcomes required.
• Active & compelling engagement of people and stakeholders, across a broad range of internal and external stakeholders, up to and including the board level.
• Communicating & reporting concise summaries of complex scenarios & information across diverse and senior stakeholder groups.
• Desirable competencies, knowledge, and experience:
• Professional operational experience in Information Protection security operations, security engineering, and security platform management.
• Professional security qualifications such as CISSP or CISM.
• Program and project management experience in technology security.
• Understanding Cyber Security Risk and mitigation strategies
• Vendor management experience.
• Agile delivery using Scrum or Kanban methodologies
• Degree educated (or equivalent) in a relevant subject