Role Purpose :
The purpose of the role is to support the local Information Security and Data protection function. Supporting the relevant activities by ensuring compliance with the applicable policies, as well as assuring that the relevant systems / mechanisms are in line with the relevant policies and regulatory framework, in order to assure data protection.
The role holder will be responsible for
Information Security and Data Protection matters by ensuring the appropriate technical and organizational controls are in place.
Supporting the design and the implementation of the security plans that ensure the highest level of compliance with Security standards (ISO 27001), local regulations and laws (ADAE, DPA).
Supporting the Security Log Management function in the context of compliance with the Hellenic Authority for Communication Security and Privacy.
Support Vodafone Greece initiatives and projects in the area of Information Security and Data Protection in alignment with the 5G Security Toolbox and the NIS Directive.
Key accountabilities :
Support the local deployment of Vodafone’s Global Privacy Strategy and policies across the organisation through the implementation of a Privacy Risk Management System.
Assuring performance of the local Vodafone Information Security Management System
Maintenance of security log management solution and alert monitoring (during working hours)
Support the ISO 27001 - ISMS certification process on an annual basis
Third party security management for monitoring compliance with contracted requirements
Build and maintain positive cross- functional relationships with other teams and people in the organisation that play a key role in delivering compliance with policy and legal requirements as reflected in the Privacy Risk Management System.
Promote security and privacy awareness across the organisation
Play an active and constructive role in the governance mechanisms set out in the components of the Privacy Risk Management System as well as the Information Security Management System through regular assessments and reviews.
Identify the Information Security, Data Privacy Risks, provide input for the composition of VF-GR strategic plan, amend the relevant company policies, propose relevant controls and mechanisms and ensure their effective implementation.
Core competencies, knowledge and experience :
At least 4 years of working experience in a relevant field
Knowledge of statutory and regulatory requirements
Excellent team working and project management skills
Very good communication and negotiation skills.
Demonstrated growth mindset
Experience leading successful risk management programs
Proven track record of pragmatism, sound judgement, and balanced risk management
Understanding of Mobile and Fixed Communications and relevant Products and Services
Deep understanding of modern information technology systems and cybersecurity
Fluent with modern collaboration tools
Must have technical / professional qualifications :
University degree in Computer Science, Telecommunications, Engineering or related field
MSc or PhD in Information Security / Privacy (desired)
Relevant Certifications (CIPP, CISSP, CISM, CISA) (desired)
What's in it for you :
Hybrid way of Working
Private Health & Medical Insurance
Extra days-off : We love mothers 4 months extra paid off-period!
Gym, Sports, Excursion weekends & Special events
Restaurant, entertainment areas, hairdresser, etc.
Needless to say, we cater for your communication wherever you are
Come as you are. We love when people feel they can be themselves at work
LI-Hybrid #Vodafonespirit #Togetherwecan