CrawlJobs Logo
Vodafone Logo Vodafone · IT - Administration

IT Security Control & Policy Expert

Romania, Iasi · Job Posted February 16, 2026
Apply Position
Job Link Share

Job Description

We are seeking an IT Security Control and Policy professional to ensure full adherence to security policies and compliance frameworks across Vodafone organisations. The role focuses on assessing and improving internal controls, aligning with international standards such as ISO/IEC 27001 and ISO/IEC 22301, supporting internal and external audits, and collaborating closely with Cyber Security and technical teams. The individual will also define remediation actions, support automation initiatives, and help mitigate risks across infrastructure, applications, and operational environments.

Job Responsibility

  • Coordinate and monitor adherence to security controls and policies across Vodafone organisations
  • Conduct regular reviews of processes, identify audit findings, and define improvement initiatives
  • Facilitate communication between departments, auditors, and relevant stakeholders
  • Review security documentation, ensuring alignment with impacted teams and accurate collection of requirements
  • Define corrective and preventative actions for identified risks and ensure completion within agreed timelines
  • Develop automated workflows to support security control assessments
  • Work with databases for design and modelling to improve data accuracy in control processes
  • Support the implementation and assessment of controls, including participation in technical discussions
  • Contribute to integration activities such as API-level data flows using TypeScript and NestJS
  • Prepare and submit structured evidence packages for internal and external audits
  • Conduct risk assessments and support risk management initiatives
  • Develop pipelines to support data ingestion for security control assessments

Requirements

  • At least five years of experience in IT or datacentre environments
  • Strong knowledge of servers, compute environments, storage, databases, networks, and private/public cloud technologies
  • Hands-on experience with compliance and security frameworks, including ISO 27001, SOX, and PCI‑DSS
  • Strong organisational and self‑management skills, with the ability to manage multiple priorities
  • Communicate clearly and collaboratively with stakeholders at all levels
  • Fluent in English
  • Technical expertise, including experience in Linux, containerisation, microservices, and full‑stack development
  • Hold relevant industry certifications such as ITIL v3 – ST, SO, or ISO/IEC 2000 Consultant

What we offer

  • Hybrid way of working: 2 days per week/ 8 per month
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the below options: MEAL TICKETS/ PRIVATE PENSION/VACATION VOUCHERS/ CULTURAL VOUCHERS within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education – we continuously invest in you to ensure you have everything needed to excel on the job and enhance your skills
  • You get to work with tried and trusted web-technology
  • We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off
  • Special Paternal Program - 4 months of paid paternity leave
Vodafone - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

IT Security Control & Policy Expert

8 matching positions

Security Control Assessor (SCA) Professional– Level IV/Subject Matter Expert (SME)

Arcfield's Cyber programs are expanding and are currently in need of Level IV/ S...
Location
Location
United States , Chantilly
Salary
Salary:
Not provided
arcfield.com Logo
Arcfield
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must possess and be able to maintain a TS/SCI clearance with polygraph
  • BA/BS or higher STEM degree
  • BS 8-10 years of experience, MS 6-8 years of experience, PhD 3-5 years of experience
  • SCA experience
  • Certifications (At least one of the below): CAP, CASP, CISM, CISSP (or Associate), GSCL, CGRC/CAP, Cloud+, CYSA+, GSEC, PenTest+
  • Relevant experience in technical project management
  • Advanced IS security skills and knowledge
  • Familiarity with IA concepts
  • Ability to review and recommend vulnerability and risk levels associated with SW and HW products
  • Practical experience developing and implementing security related directives
Job Responsibility
Job Responsibility
  • Review and assess information systems (IS) for compliance with IC, DoD, and ND guidelines
  • Provide IS security advice and guidance to government and industry partners
  • Advise Information System Owners (ISO) on confidentiality, integrity, and availability impact values
  • Offer technical guidance for Authorization and Accreditation (A&A) responses
  • Evaluate IS threats and vulnerabilities, recommending additional safeguards as needed
  • Support development and implementation of NRO IT-IA-IM policies
  • Contribute to future NRO IS security policy development
  • Conduct site visits and assessments, prepare written reports for government approval
  • Ensure completion of security control assessments for each IS
  • Support RMF process-related presentations, briefings, and reports
  • Fulltime
Read More
Arrow Right

IT Security Lead

We are looking for an IT Security Lead to design, implement, and manage our corp...
Location
Location
Salary
Salary:
Not provided
rubylabs.com Logo
Ruby Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • At least 5 years of experience in IT security engineering or infrastructure security roles
  • Proven track record of building corporate security infrastructure from the ground up
  • Strong automation (for example n8n, getcakewalk, Slack workflows, jumpcloud, etc) and basic REST API knowledge
  • Deep understanding of IT security operations (SecOps) best practices and frameworks
  • Strong engineering background with experience in infrastructure design and implementation
  • Hands-on experience with Google Workspace administration and security configuration
  • Expert knowledge of identity and access management, including user provisioning and deprovisioning workflows
  • Experience with SSO, SAML, OIDC, and identity federation technologies
  • Knowledge of Docker
  • Experience with IAM automation and orchestration
Job Responsibility
Job Responsibility
  • Design and build operations security infrastructure and IAM from scratch
  • Develop, implement, and maintain comprehensive security policies, strategies, and protocols
  • Deploy and manage security tools and solutions
  • Utilize MDM software with other products to ensure organization-wide device security compliance
  • Establish and enforce remote work security standards
  • Design and implement access structure using identity provider
  • Manage user provisioning and deprovisioning workflows
  • Automate access lifecycle management
  • Control and audit access permissions
  • Implement and maintain identity federation technologies
What we offer
What we offer
  • Remote Work Environment
  • Unlimited PTO
  • Paid National Holidays
  • Company-provided MacBook
  • Flexible Independent Contractor Agreement
  • Fulltime
Read More
Arrow Right

Cyber Security Policy Analyst

The Cyber Security Policy & Advisory Analyst plays a key role in ensuring techno...
Location
Location
United States , New York
Salary
Salary:
55.00 - 58.00 USD / Hour
lorienglobal.com Logo
Lorien
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-10 years in Cyber or Information Security
  • Strong knowledge of IAM, Data, Cloud, OT, Infrastructure, and Application Security
  • Experience with cyber risk assessments, architecture reviews, or control evaluations
Job Responsibility
Job Responsibility
  • Lead cyber security assessments for new and existing systems
  • Review solution architectures and lifecycle controls for policy and standards compliance
  • Provide expert advisory on cyber risks, control gaps, and mitigation options
  • Investigate, analyze, and document cyber risks within established risk management processes
  • Contribute to automated controls, continuous compliance monitoring, and integration of compliance checks into delivery pipelines
Read More
Arrow Right

Cyber-Security Policy Administrator

This position is for a Cybersecurity Policy Administrator supporting the ALTESS ...
Location
Location
United States
Salary
Salary:
Not provided
e-9corporation.com Logo
E9 Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • DoD 8570.01-M IAM level II certification
  • CompTIA Security+
  • Computing Environment (CE) Certification (i.e., MCSE, Server+, etc.) – can be waived for 30 days after project join date
  • Mid to senior level Cybersecurity Policy Administrator experience in a cloud environment
  • Strong verbal and written communication skills
  • Experience effectively managing multiple large-scale projects
  • Understanding of network, storage, server and application technologies
  • Working knowledge of DoD STIGs, and IA Vulnerability Management (IAVM)
  • Information Assurance Engineer – Senior: Masters +10yrs, or Bachelors +12yrs
  • Information Assurance Engineer – Intermediate: Bachelors +5yrs or Associates +7yrs
Job Responsibility
Job Responsibility
  • Serve as overall subject matter expert on Cybersecurity Policy Administration
  • Work between technical and policy teams to implement, maintain and monitor technical security configuration controls, including: STIGs, SRGs and other industry security hardening guidance
  • Work between technical and policy teams to successfully implement and manage requirements for maintaining cloud P-ATO, ATO and security control inheritance capabilities
  • Collaborate with internal and external parties to transform high-level technical objectives into comprehensive technical requirements
  • Act as the ISSO for hosted systems, assuming the responsibilities as outlined in AR 25-2
  • Assist hosted customers in obtaining and maintaining RMF for DOD IT and other certifications as required
  • Update and/or assist the hosted system’s personnel in updating artifacts of the accreditation package and store the artifacts in organizationally defined repository
  • i.e., system diagram (logical and physical) Hardware/Software/Firmware Inventory, Interface & Ports, Protocols and Services listing, etc.
  • Assist in the preparation of network infrastructure specifications or designs incorporating required information security features
  • Review and evaluate Information Systems Design Plans, Continuity of Operation Plans, Communication Plans, engineering change proposals and configuration changes for compliance with relevant security regulations, policies and best industry practice
Read More
Arrow Right

IT Expert - Tier 1

Are you passionate about analyzing and solving IT issues for clients? Do you wan...
Location
Location
United States , Durham
Salary
Salary:
Not provided
netfriends.com Logo
Net Friends
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Two-year associate degree OR 2+ years related experience and/or training, specifically service industry experience and customer support
  • Proficiency with macOS operating systems and hardware
  • Extensive MS Windows OS professional support experience
  • Windows Server 2012-2022 operating systems
  • Experience using remote control software to provide desktop support
  • Experience organizing and following complex and/or detailed technical procedures to provide desktop computing hardware and software installation
  • Experience troubleshooting technical issues involving all manner of hardware, software, server, network, and data backup configurations
  • Microsoft tools (Azure AD, Microsoft 365, Microsoft Endpoint Manager)
  • Google Workspace administration and support (Gmail, Drive, Calendar, user management, security settings)
  • Accounts, Permissions, and Policies in an Active Directory domain environment
Job Responsibility
Job Responsibility
  • Handling all aspects of inbound customer requests during designated shifts via assigned communication queues
  • Performing initial investigations into support requests
  • Being accountable for responding to and meeting our SLA requirements
  • Establishing and maintaining both customer and internal documentation
  • Performing initial (and ongoing) client and situational assessments
  • Providing problem-solving, troubleshooting, and proper escalation of issues
  • Engaging clients and assisting with consultation and basic technology training
What we offer
What we offer
  • Company-paid health, dental, vision, disability, life, and AD&D insurance for employee, and additional health insurance plan options available
  • 401K plan with match
  • Monthly phone, internet, and travel stipend
  • Up to three weeks of flexible Paid Time Off (PTO) in year one of employment, increased to four weeks annually after the first year
  • Five days of Paid Sick Leave (PSL) annually
  • Eight Paid Holidays
  • Professional development resources
  • Fulltime
Read More
Arrow Right

Group Policy Object (GPO) Administrator - Expert level Systems Engineer

BAE Systems, a top-ten prime contractor to the U.S. Department of Defense, enabl...
Location
Location
United States , Herndon, Virginia
Salary
Salary:
149603.00 - 254317.00 USD / Year
baesystems.com Logo
Baesystems
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of a Bachelor's degree
  • 11 years of relevant experience in an IT environment
  • Detail oriented and methodical
  • In-depth knowledge of Windows O/S
  • In-depth knowledge of Microsoft Group Policy
  • Working knowledge of Microsoft Excel
  • Experience with creation and deployment of workstation and user GPOs in a Windows environment
  • Must be able to obtain Top Secret/SCI Polygraph clearance
  • U.S. Person required
  • U.S. Citizenship required
Job Responsibility
Job Responsibility
  • Respond, research, and troubleshoot incident tickets and address system anomalies
  • Review security scans and remediate findings via the GPOs
  • Create and implement Group Policy Objects to manage and enforce security settings, software installations, and user experience across the enterprise
  • Configure GPOs to control user and computer settings, such as password policies, account lockout policies, and software restrictions
  • Perform regular audits to ensure compliance with organizational policies and regulatory requirements
  • Configure group policy preferences to manage user and computer settings such as mapped drives, printers, and registry settings
  • Develop and implement GPO risk mitigation
  • Document new GPO policy changes to include referencing JIRAs, CHG requests or incident numbers
  • Coordinate changes and outages with operations team
  • Collaborate with other engineers on policy and compliance efforts
What we offer
What we offer
  • Health, dental, and vision insurance
  • Health savings accounts
  • 401(k) savings plan
  • Disability coverage
  • Life and accident insurance
  • Employee assistance program
  • Legal plan
  • Discounts on home, auto, and pet insurance
  • Paid time off
  • Paid holidays
  • Fulltime
Read More
Arrow Right
New

Principal AI Architect

Wells Fargo is seeking a visionary Principal Systems Architect to shape the futu...
Location
Location
United States , Iselin
Salary
Salary:
159000.00 - 305000.00 USD / Year
https://www.wellsfargo.com/ Logo
Wells Fargo
Expiration Date
June 25, 2026
Flip Icon
Requirements
Requirements
  • 7+ years of architecture experience
  • 7+ years of experience creating strategy
  • 2+ years of AI, GenAI, and Agentic AI solutions with Model Risk Management (MRM) and Artificial Intelligence Risk Review (AIRR) governance requirements
Job Responsibility
Job Responsibility
  • Act as an advisor to leadership to develop or influence applications, network, information security, database, operating systems, or web technologies for highly complex business and technical needs across multiple groups
  • Lead the strategy and resolution of highly complex and unique challenges requiring in-depth evaluation across multiple areas or the enterprise, delivering solutions that are long-term, large-scale and require vision, creativity, innovation, advanced analytical and inductive thinking
  • Translate advanced technology experience, an in-depth knowledge of the organizations tactical and strategic business objectives, the enterprise technological environment, the organization structure, and strategic technological opportunities and requirements into technical engineering solutions
  • Provide vision, direction and expertise to leadership on implementing innovative and significant business solutions
  • Artificial Intelligence (AI) and Innovation - Promote a data-driven culture and drive architecture led-innovation
  • Lead architecture alignment for AI, GenAI, and Agentic AI solutions with Model Risk Management (MRM) and Artificial Intelligence Risk Review (AIRR) governance requirements, ensuring designs support required risk assessments, approvals, and enterprise control expectations
  • Partner with Model Risk Management, BCM, Legal, Compliance, Cyber, Data Use Assessment, and Risk Assessable Unit (RAU)-aligned stakeholders to ensure AI-enabled solutions are designed for appropriate model risk ranking, validation, explainability, control uplift, and readiness for AIRR and related tollgates where applicable
  • Define architecture patterns and engineering guardrails that support responsible AI, including traceability, monitoring, auditability, human-in-the-loop controls, secure data usage, resiliency, and change management across the AI service lifecycle
  • Ensure target-state architectures and implementation roadmaps account for post-deployment monitoring, control sustainability, and re-assessment triggers associated with model changes, scope expansion, data/input changes, platform changes, and evolving regulatory requirements
  • Advise business, product, and engineering leaders on how to accelerate AI adoption while meeting enterprise expectations for risk governance, model oversight, policy adherence, and safe deployment at scale
What we offer
What we offer
  • Health benefits
  • 401(k) Plan
  • Paid time off
  • Disability benefits
  • Life insurance, critical illness insurance, and accident insurance
  • Parental leave
  • Critical caregiving leave
  • Discounts and savings
  • Commuter benefits
  • Tuition reimbursement
  • Fulltime
Read More
Arrow Right
New

Senior Critical Environment Technician (CET) - Controls SME

As a Senior Critical Environment Technician (CET) - Controls SME in Microsoft’s ...
Location
Location
United States , Phoenix
Salary
Salary:
34.13 - 56.54 USD / Hour
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • High School Diploma, GED, or equivalent
  • 3+ years mission critical services work/applied learning experience (e.g., high availability assembly/manufacturing/critical infrastructure environments such as data centers, oil and gas refineries, hospitals, pharmaceutical, manufacturing, or related fields) OR equivalent experience
  • 1+ year(s) experience in a specialized area (e.g., mechanical field, electrical field, controls field) or related field
  • Ability to meet Microsoft, customer and/or government security screening requirements are required for this role. These requirements include, but are not limited to the following specialized security screenings: Microsoft Cloud Background Check: This position will be required to pass the Microsoft Cloud background check upon hire/transfer and every two years thereafter
Job Responsibility
Job Responsibility
  • Understands, follows, and ensures safety and security requirements (e.g., job hazard assessments [JHAs], toolbox talks), and business processes and procedures are met, to properly perform work in a safe, quality, and reliable manner in accordance to applicable Authority Having Jurisdiction (AHJ) regulations, and Microsoft requirements
  • Recognizes safe versus unsafe working conditions and responds accordingly (e.g., stop/pause tasks, stand down vendors where necessary)
  • Escalates immediately when unsafe working conditions are observed and promotes a safe working culture to empower less experienced team members
  • Participates in required meetings, trainings, and necessary handoffs
  • Proactively assesses and shares current and emerging security threats in safety discussions and shares best practices to address or mitigate risk
  • Assesses and identifies appropriate resources and equipment necessary to fully support environmental health and safety (EHS) objectives
  • Actively maintains safe working conditions at all times
  • Proactively ensures safety and security requirements are followed and met for the work of themselves and others
  • Processes method statement of work (MSOW) documents
  • Coordinates activities and associated schedules with contractors
  • Fulltime
Read More
Arrow Right