CrawlJobs Logo

Secure by Design Expert

vodafone.com Logo

Vodafone

Location Icon

Location:
Romania , Iasi

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a Secure by Design Expert to join our Global Cyber Security UK team. In this role, you will conduct Secure by Design assessments and provide guidance to projects and business-as-usual activities across Vodafone UK’s Consumer, Business, and Internal functions. You will ensure secure delivery of products, services, and solutions, working closely with project teams to align with global and local security standards. This position requires strong technical leadership and collaboration with Cyber Security Champions and specialists, embedding security practices into IT & Digital processes such as Agile, DevSecOps, and CI/CD.

Job Responsibility:

  • Perform Secure by Design assessments and provide consultancy to projects and business areas
  • Embed effective security practices into IT & Digital processes
  • Deliver cyber security guidance, design input, and review/approval of connectivity across Vodafone networks
  • Specify and oversee security testing, ensuring vulnerabilities are remediated
  • Identify and manage cyber security risks, ensuring compliance with Vodafone policies and UK Telecommunications Security Act
  • Influence stakeholders and maintain strong relationships across business functions
  • Provide technical leadership and task direction to Secure by Design Specialists and Cyber Security Champions

Requirements:

  • Degree in telecommunications, computer science, or equivalent
  • Strong understanding of security architecture, risk management principles, and data privacy legislation
  • Hands-on experience with IT & Digital technologies including application security, mobile apps, cloud infrastructure, and network security
  • Ability to scope penetration tests and guide remediation of vulnerabilities
  • Excellent communication skills to explain complex security requirements in simple terms
  • Knowledge of security standards such as ISO27001, TSR, and PCI-DSS is desirable
  • Technical certifications (e.g., CISSP, SCCP) are an advantage

Nice to have:

  • Knowledge of security standards such as ISO27001, TSR, and PCI-DSS
  • Technical certifications (e.g., CISSP, SCCP)
What we offer:
  • Hybrid way of working: 2 days per week/ 8 per month
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the below options: MEAL TICKETS/ PRIVATE PENSION/VACATION VOUCHERS/ CULTURAL VOUCHERS within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education – we continuously invest in you to ensure you have everything needed to excel on the job and enhance your skills
  • You get to work with tried and trusted web-technology
  • We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off
  • Special Paternal Program - 4 months of paid paternity leave

Additional Information:

Job Posted:
January 21, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Vodafone - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Secure by Design Expert

Senior Backend Engineer - Container Scanning & Security

Endor Labs is on a mission to enhance developer productivity and accelerate open...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.endorlabs.com Logo
Endor Labs
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Expert knowledge of container technologies and container security
  • Bachelor's degree in engineering with at least 5 years of experience in building scalable platforms for product/SaaS companies
  • Previous experience building security tooling
  • At least 3 years of experience in Golang programming with a focus on microservices/distributed architecture
  • Practical experience designing APIs with one or more frameworks (gRPC [preferred], ReST, GraphQL, Thrift, etc.)
  • Ability to build and design technical solutions from scratch
  • Able to work in a fast-paced environment with evolving requirements
  • Ability to solve problems creatively and independently when in uncharted or unfamiliar territory
  • Practical experience in troubleshooting distributed systems and the ability to identify root causes
  • Comfortable with performing and receiving code reviews, providing constructive feedback, and maintaining code quality
Job Responsibility
Job Responsibility
  • Design, develop, and maintain a container security scanning solution that generates Software Bill of Materials (SBOM) and identifies vulnerabilities
  • Implement container image analysis to extract dependencies from package managers
  • Work on container signing and provenance tracking
  • Be part of dependency resolution development team working on a distributed, microservices-based system
  • Build and own features end-to-end including unit and integration tests
  • Have the autonomy and the responsibility to design and implement quality features that will be used by customers
  • Use best practices of observability to ensure that the product and the platform have the best reliability and availability for our customers
  • Generate comprehensive SBOMs for container images
  • Fulltime
Read More
Arrow Right

Security Architect – GCP & Agentic AI

The Security Architect role focuses on designing secure architectures for Google...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ year’s experience in information security, cloud security and architecture roles
  • Strong knowledge of security governance, risk and compliance frameworks (ISO 27001, NIST CSF/800‑53, NIS2, DORA)
  • Strong communication skills and ability to work with senior stakeholders
  • Experience mentoring teams or influencing security decisions
  • Google Cloud Platform (GCP) Cloud‑native architecture design (GCP‑focused)
  • Deep hands‑on experience with GCP security services and GCP security best practices
  • Experience architecting secure multi‑project setups and identity boundaries
  • Agentic AI Security Experience designing security for agent‑based AI systems and LLM‑integrated applications
  • Hands‑on experience with AI/LLM security controls (prompt security, model governance, secure APIs, orchestration security)
  • AI‑specific threat modelling expertise
Job Responsibility
Job Responsibility
  • Translate business, data protection and security requirements into practical architectural designs leveraging industry frameworks (NIST, ISO 27001, CIS)
  • Design and maintain cloud‑native security architectures, with deep expertise in GCP architecture, security services, and secure workload design
  • Establish secure architectural patterns and standards across cloud platforms, with specific focus on GCP IAM, VPC Service Controls, Cloud Armor, Confidential Computing, and secure workload segmentation
  • Develop security design documentation, diagrams, and rationale aligned with business and compliance requirements
  • Apply risk‑based and threat‑based approaches to recommend secure and proportionate solutions
  • Designing security architectures for agent‑based AI systems, including orchestration frameworks, tool‑use agents, and multi‑agent workflows
  • Implementing AI/LLM security controls across: Model security (input/output filtering, model guardrails), Prompt security, adversarial prompt defense, prompt isolation, API & orchestration security, including secure agent tool use, Data security for vector stores, embeddings, and retrieval services
  • Performing AI‑specific threat modelling, including: Model extraction & poisoning, Hallucination‑driven risk, Sensitive data leakage, Toxic output & jailbreak attempts
  • Advising on secure integration of AI with cloud environments, focusing on compliant, privacy‑aware design
  • Conduct comprehensive risk assessments and threat modelling for cloud and AI systems
What we offer
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options
Read More
Arrow Right

Security Architect

The Security Architect role focuses on designing secure architectures for cloud ...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Security-first mindset
  • 5+ year’s experience in information security, cloud security and architecture roles
  • Strong knowledge of security governance, risk and compliance frameworks (ISO 27001, NIST CSF/800‑53, NIS2, DORA)
  • Strong communication skills and ability to work with senior stakeholders
  • Experience mentoring teams or influencing security decisions
  • Google Cloud Platform (GCP) cloud‑native architecture design
  • Deep hands‑on experience with GCP security services and GCP security best practices
  • Experience architecting secure multi‑project setups and identity boundaries
  • Experience designing security for agent‑based AI systems and LLM‑integrated applications
  • Hands‑on experience with AI/LLM security controls (prompt security, model governance, secure APIs, orchestration security)
Job Responsibility
Job Responsibility
  • Translate business, data protection and security requirements into practical architectural designs leveraging industry frameworks (NIST, ISO 27001, CIS)
  • Design and maintain cloud‑native security architectures, with deep expertise in GCP architecture, security services, and secure workload design
  • Establish secure architectural patterns and standards across cloud platforms, with specific focus on GCP IAM, VPC Service Controls, Cloud Armor, Confidential Computing, and secure workload segmentation
  • Develop security design documentation, diagrams, and rationale aligned with business and compliance requirements
  • Apply risk‑based and threat‑based approaches to recommend secure and proportionate solutions
  • Designing security architectures for agent‑based AI systems, including orchestration frameworks, tool‑use agents, and multi‑agent workflows
  • Implementing AI/LLM security controls across: Model security (input/output filtering, model guardrails), Prompt security, adversarial prompt defense, prompt isolation, API & orchestration security, including secure agent tool use, Data security for vector stores, embeddings, and retrieval services
  • Performing AI‑specific threat modelling, including: Model extraction & poisoning, Hallucination‑driven risk, Sensitive data leakage, Toxic output & jailbreak attempts
  • Advising on secure integration of AI with cloud environments, focusing on compliant, privacy‑aware design
  • Conduct comprehensive risk assessments and threat modelling for cloud and AI systems
What we offer
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options.
Read More
Arrow Right

Staff Security Engineer II

As a Staff Application Security Engineer at Confluent, you will join a team of s...
Location
Location
India , Remote
Salary
Salary:
Not provided
confluent.io Logo
Confluent
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10–12 years of hands-on Application Security experience
  • Comprehensive knowledge of security fundamentals as applied to modern web applications and cloud-native platforms including secure software design and architecture, secure coding practices, common vulnerability classes
  • Ability to partner as a trusted peer with Engineering and Product leadership
  • Ability to lead technical investigation and response to application security incidents
  • Proven experience evolving the software development lifecycle to embed security by default
  • Experience in Go, Python, or Java, with the ability to design and build scalable security automation frameworks
  • Experience in leading cross-functional initiatives in distributed environments
  • A data-driven decision-maker who can balance security requirements with business velocity and engineering trade-offs
  • Ability to raise the organization’s security bar through architectural reviews, advanced technical guidance, and the development of engineers
Job Responsibility
Job Responsibility
  • Partner closely with Engineering, Product, and Platform teams to identify security risks early, influence architectural decisions, and drive adoption of secure-by-design practices
  • Define and standardize threat modeling frameworks and security design standards, and lead security design reviews for complex, distributed systems
  • Serve as the subject matter expert (SME) for product security implementation reviews, overseeing security code reviews and API security testing
  • Architect and drive the roadmap for security automation, building scalable software security tooling
  • Design and lead the deployment of automation and orchestration frameworks that integrate security seamlessly into the cloud-native deployment pipeline
  • Proactively identify new vulnerability classes, lead research initiatives and orchestrate complex table-top exercises
  • Strategically identify and deploy advanced technology controls to maximize observability and harden key attack surfaces
What we offer
What we offer
  • Remote-First Work
  • Robust Insurance Benefits
  • Flexible Time Away
  • The Best Teammates
  • Experience Ambassadors
  • Open and Honest Culture
  • Well-Being and Growth
  • Fulltime
Read More
Arrow Right

Principal Security Architect

We’re building a world of health around every individual — shaping a more connec...
Location
Location
United States
Salary
Salary:
144200.00 - 288400.00 USD / Year
https://www.cvshealth.com/ Logo
CVS Health
Expiration Date
May 31, 2026
Flip Icon
Requirements
Requirements
  • 15+ years of relevant work experience (8+ years in architecture)
  • 10+ years of experience building or securing large-scale business applications using modern technologies and architectural patterns
  • 10+ years of experience designing secure integrations with a focus on performance, resilience, and loose coupling using APIs, microservices, and event-driven architecture
  • 8+ years of experience and proficiency with modern languages, frameworks, and associated secure development practices
  • 6+ years of experience facilitating implementation of secure north star architectures by delivery teams through mentoring and building POCs, secure patterns, and other collaborative activities
  • Expert-level understanding of security architectural methodologies/best practices, regulatory and compliance requirements, and risk frameworks that influence architecture decisions
  • Recognized technical leader with full stack technology knowledge and recognized as an expert in one or more security domains like Identity & access management (IAM), network security, cloud security (AWS/Azure/GCP), data protection, zero trust, or security operations
  • Experience recognizing the impact security architecture decisions can have on strategic business decisions
  • Substantial experience with requirements analysis, risk assessment, estimation, and secure application design
  • Experience defining architecture using the C4 model or equivalent, with a focus on system context, container, component diagrams, including secure trust boundaries
Job Responsibility
Job Responsibility
  • Be part of a team responsible for enabling secure technology solutions that meets our business strategy and drives business value
  • Define and collaborate on the creation of security roadmaps, security reference architectures, standards, best practice documents, and secure-by-design reference implementations that accelerate delivery while ensuring safety and compliance
  • Evaluate market trends in cybersecurity, execute buy vs. build decisions and assess cost and the risk impact on targeted business outcomes
  • Define future state security architecture that supports secure adoption of Artificial Intelligence, APIs, data stores, cloud infrastructures, cloud services, and microservices
  • Collaborate and consult with technology, cybersecurity, and business partners to optimize business applications and systems that adopt modern and secure architectures, especially around AI
  • Develop and maintain a strategic vision for the secure use of AI technologies, aligned to the CVS Health platform based on key business drivers, regulatory requirements, and emerging threat trends
  • Define and collaborate on the creation of security frameworks for the enterprise that promote reuse, reduces cost, manages risk, and increases speed to market
  • Effectively build and maintain strong relationships with technology, cybersecurity, and business partners to establish trust and influence key security decisions
  • Provide guidance, direction and mentorship to engineers and other stakeholders regarding security architecture and secure design of enterprise applications
  • Ensure all Non-Functional Security Requirements (e.g., authentication, authorization, resilience, encryption, auditability, availability, etc.) are properly articulated, and work with all parties to guarantee that delivered software products meet these objectives
What we offer
What we offer
  • Affordable medical plan options
  • a 401(k) plan (including matching company contributions)
  • an employee stock purchase plan
  • No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching
  • Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility
  • CVS Health bonus, commission or short-term incentive program
  • award target in the company’s equity award program
  • Fulltime
Read More
Arrow Right

Digital Web & Mobile Security Senior Analyst

The Digital Web & Mobile Security Senior Analyst is an intermediate level positi...
Location
Location
India , Chennai; Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience as application security consultant / security expert
  • SME level knowledge of web application vulnerabilities and web application business logic flaws and threats
  • In depth and hands-on understanding and application architectures and technology (including web applications, mobile technology, web 2.0 technology, identity and access management)
  • Demonstrable experience with mobile application security, HTML5, Web Services/API assessment, identity management will be highly regarded
  • Thorough understanding of industry and corporate technology standards for Information Security
  • Expert in latest Internet and Mobile technology with strong architectural and design knowledge
  • Detailed familiarity with security hacking tools and techniques
  • Excellent written and oral English communication skills
Job Responsibility
Job Responsibility
  • Prevent and drive to clear the outstanding safety and soundness items by assessing and predicting the potential risk items before it becomes an issue / escalation
  • Assess priorities across multiple safety and soundness items and drive those critical ones similar like driving high priority production items and never settle until it is closed
  • Drive our outstanding safety and soundness items across all teams to closure and turn it around to become prevention instead of reacting to issues
  • Operate independently including the ability to provide executive summary for safety and soundness issues for executive consumption without a need for a continuous review
  • Review existing security architectures, identify design gaps, and recommend security enhancements
  • Act as an advocate for the application security architecture. Communicates and educates on the IS Architecture and roadmap
  • Develop security design pattern by identifying broader and emerging IS issues
  • Provides architecture consulting across the bank to project teams and other architects
  • Prioritize architecture deliverables, and establish short-term, mid-term and long-range architecture plans. Facilitates the migration to the reference architecture in a way that enables and supports the strategic plan
  • Maintains understanding of business issues, operating procedures and priorities
  • Fulltime
Read More
Arrow Right
New

Senior Security Solution Architect (Pre-sales)

The Senior Security Solutions Architect at NTT DATA is a pivotal role focused on...
Location
Location
United States of America , Remote
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Advanced hands-on experience designing, implementing, integrating, and troubleshooting solutions from: Cisco (Firepower, ASA, ISE, Umbrella, SecureX, VPN solutions), Palo Alto Networks (NGFW, Panorama, GlobalProtect, Prisma Access/Cloud), Fortinet (FortiGate, FortiManager, FortiAnalyzer, FortiAuthenticator, SD-WAN), Check Point (Quantum Security Gateway, Management Server, CloudGuard, Infinity)
  • Experience with secure network design, segmentation, threat prevention, IPS/IDS, URL filtering, and advanced malware protection
  • Experience integrating logging, monitoring, and SIEM/SOAR systems
  • Experience with secure remote access, VPN architecture, and Zero Trust design
  • Experience integrating solutions into hybrid/multi-cloud environments (AWS, Azure, GCP)
  • Experience in client-facing security consulting, including requirements gathering and risk analysis
  • Experience working in Agile or DevSecOps environments preferred
  • Demonstrated ability to develop and deliver security-focused technical solutions for enterprise clients
  • Bachelor's degree in computer science, engineering, cybersecurity, or related field (or equivalent experience)
  • Strongly preferred certifications: Cisco: (CCNP Security, CCIE Security, CyberOps) and/or Palo Alto Networks: (PCNSA, PCNSE) and/or Fortinet: (NSE4-NSE7 (especially NSE5-NSE7)) and /or Check Point: (CCSA, CCSE, CCSM)
Job Responsibility
Job Responsibility
  • Contributes to the development of complex security-centric solution architectures across business, infrastructure, application, and cloud environments
  • Identifies and evaluates alternative security architectures and analyzes trade-offs in risk reduction, cost, performance, and scalability
  • Produces specifications for cloud or on-premises components with an emphasis on security controls, identity and access management, encryption standards, network segmentation, and compliance requirements
  • Designs components using modelling techniques that incorporate security-by-design principles, Zero Trust concepts, and industry frameworks (e.g., NIST CSF, ISO 27001)
  • Creates multiple design views for stakeholder concerns, including non-functional security requirements, and develops security proof-of-concepts (POCs)
  • Supports change programs with technical planning aligned to enterprise security architecture standards and regulatory requirements
  • Ensures solutions meet data protection and cybersecurity obligations (GDPR, HIPAA, PCI-DSS, SOC 2)
  • Leads understanding of client security requirements, gathers and analyzes threat/risk data, and provides expert remediation guidance
  • Advises clients on security modernization, cloud security, secure application design, and emerging cybersecurity practices
  • Recommends new security services and contributes to security go-to-market offerings
  • Fulltime
Read More
Arrow Right

Director - Security Architecture, Operations, and Engineering

We are seeking a Director of Security Architecture and Engineering to design and...
Location
Location
United States , San Jose
Salary
Salary:
219000.00 - 290000.00 USD / Year
archer.com Logo
Archer Aviation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in computer science, Information Security, Engineering, or related field (or equivalent work experience)
  • 10 plus years of experience in Security Engineering, Cloud Architecture, Infrastructure Design, or related roles, with a minimum of 3 years in a lead or principal architect role designing enterprise-scale security architectures
  • Expert-level understanding of Zero Trust Architecture (ZTA) principles and hands-on experience designing and implementing ZTA across multiple domains (identity, network, cloud, application)
  • Deep technical expertise in cloud security architecture (AWS and Azure), including networking, identity services, compute security, data protection, and logging
  • Hands-on architecture experience with identity and access management platforms (Okta, Azure AD) and privileged access management solutions
  • Expert-level understanding of NIST SP 800-171 and CMMC Level 2 frameworks, with the ability to design control architecture and technical solutions that satisfy compliance requirements
  • Strong knowledge of SOX ITGC requirements, ISO 27001 architecture, and ability to design controls that balance security and operational needs
  • Architecture and design experience with infrastructure-as-code, containerization, Kubernetes, and DevSecOps practices
  • Proficiency in threat modeling methodologies and ability to assess residual risk in complex systems
  • Strong communication skills to present security architecture to technical teams, executive leadership, and boards, translating technical concepts into business language
Job Responsibility
Job Responsibility
  • Design and implement a unified Zero Trust Architecture (ZTA) that spans identity, network, cloud, application, and infrastructure domains, establishing architecture standards and guiding principles for all security domains across Archer
  • Lead the architecture and technical design of cloud security infrastructure (AWS, Azure, and GCP), including secure landing zones, network segmentation, encryption strategies, and shared security services (logging, threat detection, key management)
  • Establish security control architecture aligned to NIST SP 800-171 and CMMC Level 2 frameworks, translating control requirements into technical solutions and engineering roadmaps across the enterprise
  • Design and oversee the implementation of identity and access management architecture (Okta, privileged access management, identity governance), ensuring scalability, auditability, and alignment to zero trust principles
  • Create and maintain security architecture blueprints and technical reference architectures (cloud, microservices, DevSecOps) that enable consistent, secure design across all engineering teams
  • Establish DevSecOps architecture and practices, including CI/CD security gates, infrastructure-as-code scanning, supply chain security, and automated compliance evidence collection integrated into the development pipeline
  • Lead security architecture reviews for major infrastructure, cloud, and application projects, ensuring security requirements are integrated early, and tradeoffs between security and business needs are documented
  • Drive the design and implementation of enterprise security tooling strategy (SIEM, CSPM, endpoint detection, threat intelligence), ensuring tools integrate seamlessly and reduce operational friction
  • Establish threat modeling and attack surface management practices across engineering teams, prioritizing investments based on residual risk and business impact
  • Mentor and lead security engineers and architects, establishing technical standards, conducting design reviews, and building a strong security engineering culture
  • Fulltime
Read More
Arrow Right