Senior Specialist: Secure By Design

When it comes to putting people first, we're number 1. The number 1 Top Employer in South Africa. Certified by the Top Employer Institute 2025. Role Purpose The primary purpose of the role is to work within a team of Secure by Design and Security Architecture professionals, in collaboration with the Privacy and Business Risk Teams to Perform Secure by Design Assessments against Vodacom policies and standards. Your responsibilities will include: Identify potential cyber security risks for new products, services and operations and identify controls to minimise, mitigate or remove those privacy and security risks Review Design and implementation of the identified controls to ensure they are built into the product (at Design & Build stages) Provide assurance that privacy and security controls have been implemented before the product goes "live" and product complies with Vodacom/Vodafone Security requirements and applicable laws (at Test & Go-Live stages) Assess security and privacy risks arising from changes to existing live products that impact the processing of personal data (In-Life) Ensuring security and privacy risks are addressed when decommissioning these products (Decommissioning) You will also be required to drive the delivery of Cyber Security strategy and maturity improvement or risk reduction initiatives into the business unit(s) to which you will be assigned, monitor progress against agreed targets with the objective of safeguarding Vodacom Infrastructure and customer data from Cyber threat actors. This role will involve working with Business unit, Cyber and IT stakeholders in Vodacom South Africa to drive out Cyber Security baseline requirements - Some of these responsibilities may extend to collaboration with Group Cyber Security and other operating companies to ensure that cyber security controls are consistently applied across markets. The ideal candidate for this role will have: 3 year Technical Diploma/Degree in Information Security, Computer Science or Engineering An industry certification. The CISSP is strongly preferred, however CCSP, OSCP, CISM, CISA or other relevant certifications will be considered. Security/IT Architecture qualifications such as SABSA, TOGAF etc and relevant security architecture experience will be an added advantage Minimum of 5 years of experience in a Cyber Security role Knowledge of common information technology management / compliance frameworks such as ISO/IEC 27001, NIST CSF, ISF, PCI DSS, OWASP, SANS etc. A deep understanding of Technology Security risks and mitigating solutions A diverse security background with knowledge and experience in three or more of the Security Domains including: Security Assessment and Testing; Software Development Security; Security Governance and Risk Management; Security Architecture and Engineering; Communication and Network Security; Identity and Access Management; Security Operations; Asset Security. Knowledge of operating systems such as Windows and Linux and how to secure them Knowledge of Cloud and container technologies such as AWS/GCP/Azure, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management will be an added advantage. Specialist knowledge or experience in either, DevSecOps, Application Security, Security Architecture or Offensive Security will be an added advantage. Ability to work under time and resource pressure An ability and desire to collaborate and communicate with a broad set of stakeholders, including senior management. A customer-focused, responsive, and transparent attitude What's in it for you Who we are We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same. Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included. If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance. Together we can.