Role Purpose :
The Head of Greece Cyber Security is accountable for leading all cyber security activities for Greece. He / She will make sure global cyber security risk reduction delivery initiatives are aligned with local market business and technology priorities.
His / Her primary role is to make sure the global cyber security strategy is effectively implemented in the local market and cyber risk is managed within tolerance.
The role holder will :
Work with the local Network and IT Director and the Vodafone Regional Cyber Security Lead to ensure adequate budget, resource and management focus is on cyber security risks and will be responsible for delivering a fully transparent budget planning and purchasing process for spend related to cyber security activities.
Be responsible for ensuring the risks for the local market, in terms of cyber security, are effectively managed and will drive forward the Cyber Security Baseline (CSB) strategic program within the local market with the technology support.
Act as a local control and facilitation point for cyber security related tasks and activities, which are executed in other parts of the local organisation in order to ensure a reliable end to end chain of responsibility from group to local technical execution.
Report to the Vodafone Regional Cyber Security Lead. The Head of Cyber Security plays an active role as a member of the local IT and Network Leadership Team, is able to understand business priorities and to get the right balance between local and global strategy delivery.
Key accountabilities and decision ownership :
To act as the single point of contact for the local market Cyber Security Community liaising with the Global Cyber Security Functions
Is accountable for the effective implementation of security in all local products and services within the local market (SecbyDesign), ensuring that all risks are effectively managed or mitigated
People leadership for a team of 7 local market employees.
Responsible for effectively capturing and monitoring the local market Cyber Security risks and managing these on the Group risk management platform
Responsible for ensuring all cyber security and risk management processes are optimised for maximum efficiency
Understand local security laws and regulations to make sure they are embedded into policy and controls.
Manage the cyber incident response function in the local market
The role holder is responsible for supporting the local market in achieving and maintaining operational excellence within the local market and achieving and maintain IS027001 standard for the local operations and data centres where appropriate
Responsible for ensuring that local cyber security is effectively resourced in terms of budget and people to effectively manage the local risk, working with the IT and Network Directors and Vodafone Regional Cyber Security Lead
Acts as the final security escalation point within the local market for all cyber security operational issues
Acts as the Sponsor for the global security programmes within the local market
Works closely with the Local and Group Corporate Security function, the Local and Group Internal Audit functions, the local Privacy and Legal teams to ensure adequate segregation of duties and effective end to end security for the local market
Responsible for ensuring all security technology purchases or solutions are in line with the group strategy
To identify and promote industry best practice for technology security, and security risk management for the local market
To be ultimately responsible and approve expenditure against cyber security OPEX and CAPEX budgets within the local market
To cooperate with all departments on remediation of vulnerabilities from information systems, through specific procedures development, reconfiguration, patches, implementation of additional mitigation controls
Core competencies, knowledge and experience :
Excellent network and IT security skills to enable the role holder to be viewed as a thought leader
Excellent leader of people with the ability to engage and inspire
Skilled in relationship management and collaboration skills harnessed towards delivering the right outcomes for Vodafone and our customers
Stakeholder management at senior levels
Expert knowledge of the project methodology and delivery processes that operate in a multinational company
Broad experience of delivering successful projects through virtual teams and suppliers
Broad experience of working in a Telecommunications or Data network or related service industry
ISO 27001 / SOX - PCI DSS GDPR knowledge
Experienced in Risk management, Compliance and Assurance
Excellent communication and reporting skills
Interpersonal skills, enthusiastic, reliable, team player and committed to Vodafone security strategic goals delivery actively
Must be result oriented professional
Must have technical / professional qualifications :
Hold a relevant degree on Computer Science, Engineering or IT
Excellent knowledge of English (speaking and writing)
Relevant experience in Telecom or banking sector in similar role.
Network and IT security skills to enable the role holder to ensure effective management & mitigation of security risks
Hands on experience in managing and responding to cyber security threats and incidents
Deep knowledge of Cyber Security threats and capability to assess business impact
Experience in leading roles into Security by Design processes
Information Security Policy authoring
Risk management best practices
New product and service security risk assessments
Certifications in the area of information security would be beneficial (e.g. : CISSP, CISM, CRISC, CEH, etc.)
Key performance indicators :
CSB score and detailed planning
Cyber Defence Incident Response
Delivery of global programme locally
Effective management of Cyber Security Risks
Effective implementation of Security by Design processes