CrawlJobs Logo
Vodafone Logo Vodafone · IT - Software Development

Secure by Design Expert

Romania, Iasi · Job Posted January 21, 2026
Apply Position
Job Link Share

Job Description

We are seeking a Secure by Design Expert to join our Global Cyber Security UK team. In this role, you will conduct Secure by Design assessments and provide guidance to projects and business-as-usual activities across Vodafone UK’s Consumer, Business, and Internal functions. You will ensure secure delivery of products, services, and solutions, working closely with project teams to align with global and local security standards. This position requires strong technical leadership and collaboration with Cyber Security Champions and specialists, embedding security practices into IT & Digital processes such as Agile, DevSecOps, and CI/CD.

Job Responsibility

  • Perform Secure by Design assessments and provide consultancy to projects and business areas
  • Embed effective security practices into IT & Digital processes
  • Deliver cyber security guidance, design input, and review/approval of connectivity across Vodafone networks
  • Specify and oversee security testing, ensuring vulnerabilities are remediated
  • Identify and manage cyber security risks, ensuring compliance with Vodafone policies and UK Telecommunications Security Act
  • Influence stakeholders and maintain strong relationships across business functions
  • Provide technical leadership and task direction to Secure by Design Specialists and Cyber Security Champions

Requirements

  • Degree in telecommunications, computer science, or equivalent
  • Strong understanding of security architecture, risk management principles, and data privacy legislation
  • Hands-on experience with IT & Digital technologies including application security, mobile apps, cloud infrastructure, and network security
  • Ability to scope penetration tests and guide remediation of vulnerabilities
  • Excellent communication skills to explain complex security requirements in simple terms
  • Knowledge of security standards such as ISO27001, TSR, and PCI-DSS is desirable
  • Technical certifications (e.g., CISSP, SCCP) are an advantage

Nice to have

  • Knowledge of security standards such as ISO27001, TSR, and PCI-DSS
  • Technical certifications (e.g., CISSP, SCCP)

What we offer

  • Hybrid way of working: 2 days per week/ 8 per month
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the below options: MEAL TICKETS/ PRIVATE PENSION/VACATION VOUCHERS/ CULTURAL VOUCHERS within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education – we continuously invest in you to ensure you have everything needed to excel on the job and enhance your skills
  • You get to work with tried and trusted web-technology
  • We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off
  • Special Paternal Program - 4 months of paid paternity leave
Vodafone - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Secure by Design Expert

8 matching positions

Secure by Design Expert Consumer IT & Channels

We are seeking a security specialist who will provide hands-on expertise in cybe...
Location
Location
Romania , Bucharest and Iasi
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced cybersecurity professional with 5+ years in security, including hands‑on consulting, risk management and security governance
  • Strong understanding of cybersecurity principles, frameworks and best practices
  • Knowledgeable in cloud security (AWS, Azure, GCP, Kubernetes, Docker) and identity and access management
  • Familiar with usability in security and privacy, with the ability to translate technical concepts for non‑technical audiences
  • Able to work effectively in near‑shore or remote team environments, using strong communication and critical thinking skills
  • Holds relevant certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
Job Responsibility
Job Responsibility
  • Provide expert guidance on secure-by-design principles to Consumer IT & Channels and support security integration throughout development lifecycles
  • Collaborate with architecture, design, engineering and operations teams to ensure adherence to Vodafone security standards
  • Identify, assess and prioritise risks while supporting remediation plans and mitigation initiatives
  • Conduct security reviews, ensuring alignment with regulatory standards such as GDPR, ISO 27001, PCI DSS and SOX
  • Support vulnerability assessment activities, reporting and follow-up, and contribute to improving security posture across platforms
  • Communicate security risks effectively to technical and non‑technical stakeholders, providing clear recommendations for complex environments
  • Enable a positive security culture by demonstrating how security can enable business innovation and secure product delivery
What we offer
What we offer
  • Hybrid way of working: 2 days per week/ 8 per month
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the below options: MEAL TICKETS/ PRIVATE PENSION/VACATION VOUCHERS/ CULTURAL VOUCHERS within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education – we continuously invest in you to ensure you have everything needed to excel on the job and enhance your skills
  • You get to work with tried and trusted web-technology
  • We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off
  • Fulltime
Read More
Arrow Right

Senior Lead Secure by Design

We are seeking a Secure by Design professional to lead technically orientated se...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive professional experience in information technology and cyber security, with strong capability in securing Office IT products and services
  • Demonstrated expertise with Microsoft technologies, including O365 Security & Compliance, Copilot, Microsoft Defender, Azure and cloud productivity ecosystems
  • Strong understanding of AI security and governance, including LLM risk management, prompt security and secure enterprise AI deployment
  • Solid background in enterprise risk management across cloud, Office IT and AI-related environments
  • Proficient in agile ways of working, modern cloud service consumption models and identity management in collaboration ecosystems
  • Ability to communicate complex technical matters to diverse non‑technical business stakeholders clearly and effectively
  • Holds relevant qualifications such as CISSP, CISM, CISA, CRISC, ISO 27001 LA, GIAC, TOGAF or SABSA
  • Minimum 5 years of experience in cyber security, 10+ years with Microsoft Office 365 and related services, and 5+ years in cloud security
Job Responsibility
Job Responsibility
  • Deliver technically focused security assessments for OIT products and services, ensuring alignment to secure by design principles
  • Define, communicate and oversee implementation of security requirements for new and existing services
  • Provide expert security design consultancy to architecture, delivery and operational teams across markets and group entities
  • Evaluate risks and compliance status of Office IT products, cloud services and AI-driven platforms, ensuring mitigation to acceptable levels
  • Guide suppliers and third parties in meeting Vodafone’s security expectations and standards
  • Support agile teams by coaching Security Champions and managing external security consultancy resources
  • Influence a collaborative approach that positions security as a business enabler
What we offer
What we offer
  • Opportunity to influence global cyber security practices across multiple markets and functions
  • Work on cutting-edge technologies including cloud, AI and enterprise collaboration platforms
  • Exposure to cross-functional global teams and high-impact security governance
  • Ability to shape secure solutions for products used by millions globally
Read More
Arrow Right

Senior Manager - Secure by Design

We are seeking a Senior Tester to deliver high-quality testing services within t...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10–15 years of experience in IT security, with strong expertise in Security Architecture
  • Proficient in Information Security Risk Assessment, including Cloud, Data Centre, and Application Security
  • Familiar with OWASP “Security by Design” and Risk Frameworks
  • Experienced with standards/frameworks such as ISO27001, ISO22301, ISO31001, NIST 800-53, OWASP
  • Strong stakeholder management and communication skills
  • Able to simplify complex problems and deliver innovative solutions
  • Advantageous if certified in CISA, CISM, ISO 27001/31001, or ITIL/SCRUM/Lean Six Sigma
  • Knowledge of GDPR, Data Privacy, and Information Protection
  • Experience in telecoms or IP networks is a plus
Job Responsibility
Job Responsibility
  • Conduct security assessments and define requirements for new products and services
  • Provide expert guidance on security architecture and design across business units
  • Act as a cyber coach to agile projects and program teams globally
  • Ensure compliance with Vodafone’s security standards for internal and external stakeholders
  • Collaborate with cross-functional teams including Risk & Compliance, Ethical Hacking, and Security Operations
  • Influence the risk posture of products and services and support commercial launch decisions
  • Promote security as a business enabler and differentiator
What we offer
What we offer
  • Opportunity to be a part testing initiatives in a global telecom environment
  • Exposure to diverse technologies including CRM, Billing, and Middleware
  • Collaboration with international teams and stakeholders
  • Involvement in strategic and operational decision-making
  • A chance to contribute to innovation and continuous improvement in testing practices
Read More
Arrow Right

Subject Matter Expert (Secure the Enterprise)

Amentum is seeking a Subject Matter Expert (SME) 3 for a prime contract.
Location
Location
United States , Linthicum
Salary
Salary:
220000.00 - 250000.00 USD / Year
amentum.com Logo
Amentum
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Demonstrate a high-level of independent thought, action and judgement
  • Demonstrate a high-level of problem solving and solution development to include designing and developing full-stack data analysis solutions in Python and Django in a Linux server environment, and ability to maintain current applications
  • Self-motivated, independent, detail-oriented, responsible team player
  • Experience briefing and working with the highest levels of government agency leadership
  • Ability to develop cross-organization and interagency relationships and maintain them over time
  • A working knowledge of the security authorization processes and procedures as defined in the RMF in NIST SP800-37
  • Knowledge of cloud architecture and cloud service providers
  • Knowledge of Customer enterprise tools and solutions
  • Ability to effectively communicate with customers of various skill levels to resolve compliance issues
  • Ability and willingness to perform deep dive analysis on customer issues to resolve their compliance challenges
Job Responsibility
Job Responsibility
  • Serve as Lead Technical Advisor for the Secure the Enterprise (STE) and Zero Trust (ZT) initiatives, working one-on-one with the Government Division Chief and Technical Director and Deputy Authorizing Official to advise on STE/ZT strategies, policies, and performance
  • Brief the Chief Information Security Officer and Chief Information Officer on STE data, trends, updates, and changes
  • Serve as the highest level of STE technical support to the security community
  • Converse, analyze and advise on STE areas of concern to include Transport Layer Security (TLS) versions and cipher suites, Network Flow data (NetFlow and its variants), configuration of network devices, audit data logs (syslog and variants) collection and analysis, user activity monitoring, and other technical areas
  • Assist system personnel across the enterprise to maintain the appropriate operational security posture in accordance with STE compliance regulations, policies and playbook guidance for their assigned systems, programs, and/or enclaves
  • Provide guidance and technical expertise on all STE requirements that impact or affect the security compliance of the information system
  • Assist in the development and execution of an enterprise level STE compliance program that facilitates RMF continuous monitoring to minimize security risks and ensure compliance with that program on a routine basis
  • Manually review submitted evidence and justifications for manual compliance validations, determinations of applicability and exceptions for all STE security controls
  • Based on your review, make recommendations to leadership for approval or rejection of requests for exceptions from STE security requirements
  • Based on your review and written guidance, approve, or reject requests for manual validation or determination of applicability
What we offer
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime
Read More
Arrow Right
New

Sr Principal Engineer - Software Quality

This is where new knowledge is discovered. Baxter’s Research and Development tea...
Location
Location
United Kingdom , Gloucester
Salary
Salary:
Not provided
https://www.baxter.com/ Logo
Baxter
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor of Science or Bachelor of Engineering in Software Engineering, Computer Science, Electrical, Biomedical, or related discipline required
  • Master’s degree or PhD preferred with 10+ years of progressive experience in software quality engineering, including regulated medical device software and/or digital health platforms
  • Strong expertise in: ISO 13485 Quality Management Systems
  • EU MDR (Regulation (EU) 2017/745) and software implications
  • Software lifecycle standards (e.g., IEC 62304, IEC 82304 where applicable)
  • FDA software and quality system expectations
  • Proven ability to integrate Agile development practices with regulatory compliance, including traceability, documentation, and change management
  • Broad understanding of: Software architecture and system integration
  • Cloud-based systems, cybersecurity, and data privacy considerations
  • Software risk management, including hazard analysis and vulnerability management
Job Responsibility
Job Responsibility
  • Lead and govern activities that ensure alignment with Baxter’s Product Lifecycle Management (PDLM) and Change Control Management (CCM) processes and compliance with design controls and quality system regulations
  • Translate Agile software development practices into compliant frameworks that meet Baxter, ISO 13485 and EU MDR expectations, including traceability, documentation, verification, and validation
  • Ensure effective implementation of software design controls, including: Software requirements and architecture, Risk management (software hazard analysis, cybersecurity risk), Verification and validation strategies (manual, automated, CI/CD pipelines), Configuration and change management
  • Lead integration of Quality Management System (QMS) processes into software development workflows, including: CAPA and nonconformance handling, Complaint handling and feedback loops into Agile backlogs, Audit readiness and inspection support
  • Ensure compliance with EU MDR requirements, including: Support for technical documentation and software lifecycle evidence, Alignment of software changes with regulatory impact assessments, Post-market surveillance inputs (e.g., trending, signal detection)
  • Apply advanced quality and engineering tools including root cause analysis, reliability engineering, and data analytics to improve software quality and system performance
  • Oversee development of technical documentation supporting: Design history files (DHF) / technical files, Software lifecycle documentation (per IEC 62304 where applicable), Risk management files, Verification and validation reports, Regulatory submissions
  • Serve as subject matter expert for software quality, cybersecurity, and lifecycle management, providing guidance across teams and influencing enterprise-wide standards
  • Collaborate closely with Quality, Regulatory Affairs, R&D (software and systems), Product Management, Cybersecurity, Clinical, and Manufacturing teams to ensure software products are safe, effective, secure, and compliant
What we offer
What we offer
  • Support for Parents
  • Continuing Education/ Professional Development
  • Employee Heath & Well-Being Benefits
  • Paid Time Off
  • 2 Days a Year to Volunteer
  • Fulltime
Read More
Arrow Right
New

Infrastructure Engineering Specialist

As an Infrastructure Engineering Specialist, you will independently drive the ex...
Location
Location
United Kingdom , London
Salary
Salary:
654.00 GBP / Day
https://www.randstad.com Logo
Randstad
Expiration Date
July 22, 2026
Flip Icon
Requirements
Requirements
  • Security Clearance: An Active DV (Developed Vetting) level of National Security clearance is absolutely mandatory for this role
  • Virtualisation & OS: Hands-on experience with VMWare (ESX, VCentre, vCF), Containers, Kubernetes, VKS, NSX V&T, alongside Windows, Linux, or Mac Server system management
  • Scripting: Strong proficiency in scripting languages like Python, PowerShell, Bash, or Java
  • Automation & IaC: Mastery of infrastructure automation, orchestration, and automated builds using Terraform, Ansible, Puppet, Foreman, Kickstart (including PXE), or Microsoft Deployment toolkits
  • Code Management: A robust configuration-managed approach utilizing tools like Git or Subversion within continuous integration workflows
  • Storage: Understanding of deployment and configuration for network file sharing (NFS, SAMBA) and enterprise high-availability storage platforms (EMC, Dell, or NetApp)
  • Networking: Solid networking background, ideally including large-scale platform configurations across campus and WAN topologies
  • Monitoring & Security: Experience configuring monitoring applications (Prometheus, Zabbix, SolarWinds, Nagios, OpenNMS, CheckMK) and security monitoring tooling (Elastic SIEM, Tenable)
Job Responsibility
Job Responsibility
  • Independently drive the execution and vision for Enterprise Systems Management (ESM), Automation, and Continuous Integration/Continuous Deployment (CI/CD) technologies within our infrastructure landscape
  • Manages the implementation of high-level designs to create secure, stable network environments that meet the needs of the business, are shared with partners, and strictly comply with security, privacy, and audit requirements
  • Leads the maintenance of IT infrastructure tools and executes designs across network, security, compute, and storage domains in alignment with design standards
  • Provides advanced technical expertise to help resolve complex problems alongside managers, principals, and technical experts
  • Leads collaboration across cyber security, enterprise architecture, and application development teams to implement an effective product roadmap
  • Leads daily support for internal system health, tools, infrastructure projects, and customer support contracts
  • Leads collaboration with technical architects, using advanced technical knowledge to translate architectural designs directly into operational realities
  • Leads the installation, configuration, maintenance, optimization, and support of software, hardware, and communication links
Read More
Arrow Right
New

Senior ServiceNow CMDB & Configuration Management Administrator

We have a contract to hire opportunity for a senior-level ServiceNow CMDB Admini...
Location
Location
United States , Detroit
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree
  • 5+ years supporting ServiceNow in an enterprise environment, including CMDB administration
  • Strong knowledge of ServiceNow CMDB, Discovery, and integration principles
  • Practical understanding of CSDM (Common Service Data Model) and how it supports ITSM/ITOM
  • Experience administering integration workflows, MID Servers, APIs, and ETL pipelines
  • Solid understanding of IT infrastructure components (servers, networks, cloud, containers)
  • Familiarity with: Transform maps
  • Script includes
  • Business rules
  • Scheduled jobs
Job Responsibility
Job Responsibility
  • Administer and configure the ServiceNow CMDB, including CI classes, attributes, relationships, and CMDB Data Model (CMDB Core, CSDM preferred)
  • Manage identification/reconciliation rules, CI lifecycle states, and class-level governance
  • Support platform upgrades, patch deployments, regression testing, and performance monitoring
  • Troubleshoot CMDB behaviors, data issues, transform failures, and Discovery patterns
  • Mentor and direct the efforts of Configuration Management analysts and developers
  • Support ServiceNow Discovery, MID servers, credentials, probes, and patterns
  • Maintain integrations with data sources such as SCCM/MECM, Intune, JAMF, Tanium, Qualys, vCenter, AWS, Azure, and others
  • Develop or maintain REST/SOAP API integrations, IntegrationHub spokes, and scheduled imports
  • Improve CI completeness, operational coverage, and data reliability
  • Serve as SME for ITIL Configuration Management, ensuring practices align with ITIL v4 guidelines
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
Read More
Arrow Right
New

Windows Server Engineer

Location
Location
United States , Columbus
Salary
Salary:
Not provided
zeektek.com Logo
Zeektek
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree in Computer Science or a related field, and six years of experience in a technology-related role
  • Must possess excellent interpersonal and communication skills
  • A working knowledge of server hardware
  • Extensive experience with Microsoft operating systems and related technologies
Job Responsibility
Job Responsibility
  • Contributes strategic vision and serves as the top-level technical contributor in the planning, design, development, and implementation of integrated technology solutions that support and enhance Window Server systems
  • Responsible for the overall design and architecture of the Window Server systems environment, leading the engineering, build, installation/configuration, operation, and maintenance of systems hardware, software, and related infrastructure
  • Oversees Windows Server operating systems and hardware administration, including provisioning, monitoring, tuning, capacity planning, security, troubleshooting, support, and maintenance
  • Evaluates, develops, and implements operating system enhancements to improve the reliability, scalability, sustainability, and availability of the server environment
  • Performs the most complex software installations and upgrades, ensuring all activities are planned, scheduled, and executed in accordance with established IT policies and procedures
  • Monitors and tunes server operating systems to achieve optimal performance levels while consulting on major initiatives across multiple departments, service lines, platforms, and administrative interfaces
  • Provides expertise on integrating Window Server technologies with broader business and healthcare solutions
  • Leads high-impact projects involving significant business risk, facilitating the evaluation and research of new and existing products, procedures, and workflows related to Window Server operating systems
  • Acts as a subject matter expert on Window Server systems strategies, procedures, policies, and methodologies
  • Offers direction and insight to leaders, peers, and team members to align strategic system requirements with evolving IT and business opportunities
What we offer
What we offer
  • Weekly Direct Deposit
  • 401K Matching
  • Competitive medical, dental and vision insurance
  • Consistent communication throughout your project
  • ZeekTek Referral Program
  • Fulltime
Read More
Arrow Right