CrawlJobs Logo
Vodafone Logo Vodafone · IT - Software Development

Information Security Risk & Architecture Specialist

India, Pune · Job Posted January 21, 2026
Apply Position
Job Link Share

Job Description

We are seeking a seasoned Information Security Risk & Architecture Specialist with 5–8 years of experience in IT security, particularly in perimeter security, risk assessment, and secure architecture design. This role is ideal for individuals with a strong foundation in ISO and NIST frameworks, cloud security, and threat landscape analysis. The successful candidate will collaborate with technical architects and internal teams to ensure secure application development and infrastructure design.

Job Responsibility

  • Conduct security architecture reviews and risk assessments for applications and infrastructure
  • Advise internal teams on secure design principles and collaborate with technical architects to evaluate and optimise proposed solutions
  • Apply knowledge of ISO27001, ISO31001, NIST, SANS, CIS, and other security frameworks to ensure compliance and best practices
  • Analyse and respond to global threat landscapes, including advanced persistent threats and emerging vulnerabilities
  • Implement and manage perimeter security technologies such as firewalls, VPNs, proxies, and network security tools
  • Create performance reports and presentations using data-driven insights to reflect trends and security posture
  • Promote secure development practices aligned with OWASP “Security by Design”
  • Understand and apply security controls across cloud platforms (AWS, Azure, GCP, Oracle) and data centres

Requirements

  • 5–8 years of experience in IT security
  • Extensive exposure to perimeter security and network management
  • Experience in conducting information security risk assessments across cloud, data centre, and application environments
  • Familiarity with security protocols and technologies such as PKI, SSL, IKEv1 & v2, and sandboxing
  • Knowledge of data privacy regulations including GDPR and information protection standards
  • Preferably certified in CCNA, CISM, CISSP, ISO27001 or ISO31001
  • Experience in the telecommunications industry is a plus

Nice to have

Experience in the telecommunications industry is a plus

What we offer

  • Opportunity to work on cutting-edge security architecture and risk frameworks
  • Exposure to global threat intelligence and advanced security technologies
  • Collaborative work environment with cross-functional teams
  • Professional development through certifications and industry best practices
  • Contribution to secure digital transformation in a global organisation
Vodafone - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Information Security Risk & Architecture Specialist

8 matching positions

Senior Information Security Specialist

SmartRecruiters is looking for a Senior Information Security Specialist to join ...
Location
Location
Poland
Salary
Salary:
Not provided
smartrecruiters.com Logo
SmartRecruiters
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in information security, governance, risk, and/or compliance roles with a technical orientation
  • Demonstrated compliance or auditing experience with at least one major framework
  • Hands-on experience with incident response - including participation in security incident investigations, containment, and post-mortem processes
  • Solid understanding of controls auditing principles and evidence management
  • Technical understanding of cloud infrastructure (AWS preferred), networking fundamentals, identity management, and SaaS security architectures
  • Knowledge of risk management methodologies and experience conducting or supporting risk assessments
  • Ability to manage and deliver on multiple complex projects simultaneously, with minimal supervision
  • The ability to investigate, question, and interpret internal and external IT security and compliance issues at both a governance and technical level
  • A strong understanding of technology, cloud-based products, and SaaS environments
  • Experience working across business units and geographical boundaries to engage engineering, business, and operational teams
Job Responsibility
Job Responsibility
  • Identify manual, repetitive GRC processes and design automation blueprints to streamline them, including evidence collection, control monitoring, access reviews, policy enforcement checks, and compliance reporting
  • Build and maintain automated workflows using compliance platforms, scripting, or integration tools to reduce manual effort and improve audit-readiness
  • Develop reusable templates, playbooks, and standardised blueprints for recurring GRC activities (e.g., vendor assessments, internal audits, risk reviews) to ensure consistency and scalability
  • Collaborate with engineering and IT teams to integrate security and compliance checks into existing toolchains and CI/CD pipelines where applicable
  • Continuously evaluate and improve GRC tooling, data flows, and reporting to drive operational efficiency across the team
  • Manage stakeholder expectations and partner with internal teams to ensure effective management of IT risks and compliance obligations
  • Maintain regional and local stakeholder relationships, meeting schedules, minutes, and reports
  • Support the maintenance of the SOC 2 Type II framework, including evidence collection, control testing coordination, and audit support
  • Effectively manage ISO 27001 and ISO 22301 audit lifecycles and coordinate with stakeholders on ISMS and BCMS improvements
  • Support the maintenance and continuous improvement of the ISO 42001 (AI Management System) framework in alignment with the EU AI Act
  • Fulltime
Read More
Arrow Right

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in sa...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent professional experience)
  • Minimum 7 years of experience in information security, IT risk management, or cybersecurity compliance, preferably in a federal or state agency environment
  • Demonstrated experience applying and interpreting NIST 800-53, OWASP, and DISA STIGs in real-world projects
  • Strong hands-on technical background in networking, system administration, or software development
  • Proficiency with SIEM tools—especially Splunk—for event correlation, alerting, and compliance reporting
  • Familiarity with Agile development environments and DevSecOps principles
  • Strong written and verbal communication skills, with the ability to create reports and briefings for technical and non-technical stakeholders
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical controls throughout the system development lifecycle (SDLC)
  • Identify and assess emerging security risks, weaknesses, and vulnerabilities associated with infrastructure, applications, and operations
  • Collaborate with developers and engineers to ensure identified risks are mitigated and documented effectively
  • Ensure compliance with federal and industry security standards including NIST SP 800-53, OWASP Top 10, Common Criteria, DISA STIGs, and SANS Institute recommendations
  • Support and contribute to Authorization to Operate (ATO) packages, including preparation of SSPs, POA&Ms, and continuous monitoring (ConMon) artifacts
  • Advise on policy alignment and security architecture improvements to support secure Agile delivery
  • Apply technical knowledge of networking, system administration, and development to assess the security posture of enterprise environments
  • Utilize Splunk to perform audit log analysis, generate system alerts, and support threat hunting and incident response activities
  • Recommend and implement automated logging, monitoring, and security reporting processes
  • Engage proactively with Agile development teams, product owners, and ISSOs to embed security into project planning and delivery
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Senior Information Assurance & Risk Specialist

We’re looking for a highly skilled Senior Information Assurance & Risk Specialis...
Location
Location
United Kingdom , Oxford or Hampshire
Salary
Salary:
Not provided
datacareers.co.uk Logo
DataCareers
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong technical security background (cloud, MS stack, architecture, modern tech risks)
  • Applied IA experience: NIST, security controls, risk assessment
  • Ability to coach others and communicate clearly with non-technical stakeholders
  • Experience in a regulated environment (policing, HMG, MoD or similar)
  • Collaborative, proactive approach with high integrity
  • Act as a visible advocate for high standards of information assurance
  • Relevant professional qualifications (e.g. CISSP, CISMP, Information Security certifications) are also preferred
  • A full UK driving licence is essential due to travel and operational flexibility requirements
  • Five years of continuous UK residency to enable the necessary background checks to be completed
Job Responsibility
Job Responsibility
  • Lead SyAP assessments
  • Produce high-quality assurance evidence
  • Help align policies and standards with national expectations
  • Uplift colleagues through mentoring
  • Translate complex concepts into plain language
  • Support a maturing IA function
  • Assess security controls
  • Guide secure-by-design decisions
  • Support the organisation in managing risk across both established and emerging technologies
  • Bring clarity, rigour and practical insight to ensure decisions are safe, proportionate and evidence-based
What we offer
What we offer
  • 30 days annual leave plus bank holidays
  • Hybrid and flexible working arrangements
  • Career development pathways and continuous professional learning
  • A wide range of wellbeing support services and staff networks
  • Lifestyle and discount schemes
  • Local Government Pension Scheme
  • Fulltime
Read More
Arrow Right

Information Security Expert

We are looking for an independent and highly skilled Information Security Expert...
Location
Location
Netherlands , Amsterdam
Salary
Salary:
Not provided
levy-professionals.com Logo
Levy Professionals
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Typically 6-8 years of experience in internal audit, security auditing, IT risk, compliance, or similar specialist roles
  • Proven experience auditing SaaS environments and cloud architectures is a strong plus
  • Demonstrated experience testing actual operational control effectiveness using direct system evidence and technical configurations
  • Solid understanding of IT platforms, applications, security architectures, and Identity and Access Management (IAM), including RBAC, PAM, access governance, and user lifecycle controls
  • Strong familiarity with industry standards and compliance frameworks such as ISO 27001, SOC 2, NIST, CIS, and GDPR
  • Comfort working in a hybrid, DevOps, and Agile environment
  • Full professional fluency in English (the working language of the team)
  • Ability to work in a hybrid setup (1-2 days per week from the office)
  • Willingness to travel abroad as required for audit-related activities
Job Responsibility
Job Responsibility
  • Conduct detailed technical analyses, evidence gathering, root-cause identification, and actionable reporting
  • Evaluate control designs versus actual operational effectiveness using direct system evidence rather than design intent alone
  • Provide key insights into technical gaps, emerging security risks, and strategic improvement opportunities
  • Lead and conduct thorough end-to-end audits of systems, processes, SaaS platforms, and third-party vendors
  • Analyze technical configurations, including access controls, authentication mechanisms, security settings, and system behaviors
  • Review and interpret log files, audit trails, and system monitoring data to validate control effectiveness and locate weaknesses
  • Evaluate cloud, SaaS, and platform architectures against shared responsibility models to call out security and ownership gaps
  • Actively engage and collaborate with internal and external stakeholders, including Risk, Procurement, Contract Owners, and suppliers
  • Work aligned with DevOps & Agile methodologies within an international team
Read More
Arrow Right

Information Security Architect - Telephony / IoT / Cloud / Apps / AI

We have a 6-month contract to hire position open for a Security Architect role. ...
Location
Location
United States , Roseville
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Cybersecurity, or related field
  • Master's preferred
  • 7+ years of progressive experience in Information Security Architecture & Operations roles
  • Certifications: CISSP, CCSP, SABSA, CISM, TOGAF, AI Security Specialist
  • Deep understanding of network, cloud, and application security across telecom, IT, and IoT ecosystems
  • Experience designing and securing AI/ML platforms including governance of LLMs and agentic AI tools
  • Proven experience with regulatory frameworks (FCC, HIPAA, NIST, ISO 27001)
  • Hands-on experience with cloud-native security (AWS, Azure, GCP) and Dev Sec Ops tooling
  • Experience with endpoint detection and response (EDR) platforms, ideally Crowdstrike
  • Hands-on expertise with vulnerability management and SIEM platforms, including Rapid7
Job Responsibility
Job Responsibility
  • Develop and maintain the enterprise security architecture framework covering IT, telecom, mobile, and IoT platforms
  • Lead & partake in enterprise-wide cybersecurity initiatives, aligning with industry frameworks (NIST, ISO, CIS)
  • Define zero-trust architecture patterns for multi-cloud (AWS, MS Azure) and hybrid environments
  • Evaluate and recommend new security technologies and processes to address evolving threats
  • Define and ensure clear direction for configuration, monitoring, and hardening of Cisco security infrastructure including firewalls, VPNs, and intrusion prevention systems
  • Define and oversee policies & guidelines for vulnerability management programs, and leveraging tools such as Rapid7
  • Ensure security-by-design principles are embedded in all technology initiatives, including product development and infrastructure modernization
  • Partner with Enterprise Architecture and Tech Ops teams to align security blueprints with overall technical standards and business capabilities
  • Define AI/ML and Agentic AI security guardrails, including model access, prompt sanitization, model drift monitoring, and data provenance controls
  • Develop governance policies for secure use of AI APIs, LLMs, and autonomous agent frameworks
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
Read More
Arrow Right

AI Security Specialist

The Senior Security Services Architect at NTT DATA will design secure, multi-yea...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Advanced proficiency in Security Managed Services, including knowledge of network security, cloud security, endpoint security, IAM, and DATA protection
  • Strong understanding of Managed Services service and delivery models, such as cloud, global, and distributed models
  • Up-to-date knowledge of emerging trends in technology, Managed Services integration, and security
  • Strong analytical abilities to assess and analyze DATA and input
  • Effective communication skills with the ability to articulate potential improvements and value to stakeholders, including senior decision-makers
  • Experience facilitating workshops with clients and internal teams to discover requirements and present solutions
  • Ability to work collaboratively within a team, especially in a matrixed organization
  • Bachelor’s degree in information technology/systems or a related field
Job Responsibility
Job Responsibility
  • Orchestrating the development of secure, multi-year service solutions and integrating technology and service design within the security domain
  • Working across multiple teams to design, test, and validate new features and delivery models, continuously improving our Managed Service offerings to stay competitive and mitigate risks
  • Engaging with clients, mapping their requirements, leading end-to-end solution development, and supporting sales teams in presenting the architecture solutions
  • Leveraging security know-how to drive conversations around cost savings and growth opportunities
  • Ensuring the service design deliverables of the solution are aligned with commercial models
  • Guiding the transition to service delivery teams, providing a smooth handover and maintaining a high level of client satisfaction throughout the project lifecycle
  • Providing coaching and mentorship to other team members, sharing knowledge of emerging trends and best practices in security
  • Being responsible for vendor management and ensuring all service costs are accurately recorded
  • Fulltime
Read More
Arrow Right

Offensive Security Specialist

Deel is seeking a highly skilled Offensive Security Specialist with deep experie...
Location
Location
Salary
Salary:
Not provided
deel.com Logo
Deel
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience in Red Teaming, Offensive Security, or Penetration Testing (or exceptional accomplishments that demonstrate equivalent expertise)
  • Deep expertise in offensive security operations within modern and cutting-edge technology environments, with a history of simulating sophisticated threats against complex systems
  • Experience designing, developing, or assessing the security of a wide range of systems, including web and mobile applications, network and cloud infrastructure, microservices, and AI-powered platforms
  • Demonstrated mastery in evaluating complex technology stacks, including containerized and Kubernetes environments, CI/CD pipelines, various operating systems, cutting-edge technologies, and AI-powered platforms and systems
  • Strong understanding of trust boundaries and dynamic risk assessment, with the intuition to identify where security assumptions break down in complex, evolving architectures
  • Coding and scripting skills, with the ability to develop robust custom tools and automation to support offensive operations
  • Ability to communicate complex technical concepts to diverse audiences effectively, including through compelling storytelling and narrative techniques to convey the implications of security issues
  • Proven track record of not only discovering critical vulnerabilities but also driving their remediation, contributing fixes or mitigation strategies in complex codebases
Job Responsibility
Job Responsibility
  • Perform comprehensive penetration testing on our diverse suite of products and services to uncover security flaws before adversaries can exploit them
  • Design and execute adversary emulation engagements aligned with the MITRE ATT&CK framework and real-world tactics, techniques, and procedures (TTPs) to ensure our simulations mirror actual threat actors
  • Continuously hunt for vulnerabilities across our web and mobile applications, as well as within our underlying infrastructure and cloud environments, proactively identifying security vulnerabilities
  • Perform specialized penetration testing on AI-based systems and platforms, evaluating the security of machine learning applications and related technologies for novel vulnerabilities
  • Conduct targeted cyber threat intelligence research to inform offensive operations, ensuring that red team scenarios are based on current and relevant threat actor behaviors and support investigations
  • Design and execute phishing campaigns and other social engineering exercises to test and improve organizational awareness and resilience against human-focused attacks
  • Develop custom exploits, tools, and automation to enhance red team operations, enabling more efficient and stealthy attack simulations and the ability to bypass advanced security controls
  • Conduct purple team operations that simulate realistic attack scenarios to test our organization’s detection and response capabilities
  • Partner with defensive security and engineering teams to translate findings into measurable security improvements - Enhancing detection, response, and mitigation capabilities
  • driving timely remediation through robust fixes and delivering clear, actionable communications that articulate risk, impact, and required change
What we offer
What we offer
  • Stock grant opportunities dependent on your role, employment status and location
  • Additional perks and benefits based on your employment status and country
  • The flexibility of remote work, including optional WeWork access
  • Fulltime
Read More
Arrow Right

System Security Specialist

Assurit is currently seeking an experienced System Security Specialist to suppor...
Location
Location
United States , Maryland
Salary
Salary:
Not provided
assurit.com Logo
Assurit
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Information Security, Computer Science, Engineering, or related field
  • or equivalent professional experience
  • Proven ability to interpret complex requirements and review technical documentation for accuracy and relevance
  • Exceptional oral and written communication skills
  • Strong analytical and problem-solving skills with the ability to provide expert guidance in high-impact environments
  • Experience supporting large-scale, secure, and regulated IT environments
  • 7+ years of highly specialized experience in one or more security disciplines, including: Penetration testing
  • Intrusion detection or audit analysis
  • Public Key Infrastructure (PKI)
  • Cryptography
Job Responsibility
Job Responsibility
  • Provide expert-level advisory support and analysis across information, computer, and network security disciplines
  • Review requirements, technical documentation, and task materials for accuracy, applicability, and alignment with security best practices
  • Conduct detailed assessments of security risks, architectures, and operational processes
  • Evaluate and advise on security controls, system configurations, and emerging threats
  • Support specialized security activities such as penetration testing, intrusion detection analysis, risk assessments, or PKI reviews based on expertise
  • Communicate complex technical concepts clearly to both technical and non-technical stakeholders
  • Develop clear documentation, findings, and recommendations that support program decisions and security improvements
  • Collaborate with engineers, analysts, and leadership to validate requirements and ensure accurate technical implementation
  • Assist in developing or refining security standards, procedures, and guidance
What we offer
What we offer
  • medical and dental coverage
  • paid time off
Read More
Arrow Right