Vodafone

Cyber Security Specialist – GRC

Vodafone

full-time

Posted on:

Location Type: Hybrid

Location: Portugal

Visit company website

Explore more

AI Apply
Apply

Tech Stack

Cyber Security

About the role

  • As a Cyber Security Specialist, you will be integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance.
  • You will be responsible for contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance.
  • You will act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness.
  • You will be responsible for ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities.
  • You will follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions.
  • You will report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others.

Requirements

  • Degree, professional qualification or relevant experience in Technology Security
  • Experience in cyber security risk management, governance and control frameworks
  • Experience supporting risk registers, control assessments, audits or assurance activities
  • Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
  • Strong understanding of cyber security threats and ability to assess business and operational impact
  • Experience working with policies, standards, controls and compliance requirements
  • Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
  • Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
  • Fluency in the English language
Benefits
  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
cyber security risk managementsecurity governancecontrol assurancerisk registerscontrol assessmentsauditsISO/IEC 27001NISTCOBITinformation security standards
Soft Skills
strong communication skillsability to explain cyber riskscollaborationbalancing security and business needsworking across technical and non-technical stakeholders
Certifications
degree in Technology Securityprofessional qualification in Technology Security