CrawlJobs Logo
Plusnet Logo Plusnet · IT - Administration

Secure by Design Governance Manager

United Kingdom, Birmingham · Job Posted March 25, 2026
Apply Position
Job Link Share

Job Description

This role is accountable for improving the efficiency, consistency and quality of operational design processes by embedding effective knowledge management practices and enforcing secure-by-design governance across the lifecycle of change. It focuses on leveraging data-driven insights, knowledge and innovation to demonstrate value, increase efficiency, reduce costs, drive governance and improve outcomes aligned to business objectives. It works collaboratively across the security function and business to understand the end-to-end process of security, the necessary governance to drive security outcomes spanning security functions and continuously optimises ways of working. This role also ensures we are driving the maximum value out of our security practice for the business by driving key performance indicators and reporting on these as necessary. This is role is pivotal to driving maturity out of everything our security practice does and therefore its stakeholders span internal teams, the wider department, PBTG and business stakeholders across the Group.

Job Responsibility

  • Leads on driving governance for design delivery for Security and aligning this to internal security governance in PBTG
  • Leads on driving knowledge lifecycle for the function (CVRR) to maximise the value and relevance of our data and knowledge resources
  • Drives the adoption of design pattern methodology and standards across delivery units helping the design and delivery community to realise good security
  • Defines and enforces the knowledge artefacts for design change and works with business stakeholders to implement workable and consistent approaches
  • Leads the performance analysis and strategy for security processes, tooling and metrics to identify optimisation opportunities
  • Leads or drives the adoption of continuous improvement and lean methodologies
  • Develops strategies to improve efficiency and enhance customer satisfaction
  • Drives collaboration with wider security functions to align optimisation initiatives with business needs
  • Defines data-driven decision making to analyze quantitative and qualitative data to understand performance trends
  • Defines opportunities for AI as appropriate within scope of role
  • Uses tools such as A/B testing, predictive analytics and customer journey mapping to identify actionable improvements
  • Ensures the implementation and monitoring of optimisation initiatives
  • Monitors results, defines and tracks KPIs to measure outcomes
  • Uses customer centric approaches to focus on delivering value and enhancing customer experience
  • Works with and establishes relationships with business customers to understand performance and value gained from consultancy services
  • Leverages intelligence on customer behaviour to apply objective optimisation opportunities and design governance improvements
  • Contributes to the continuous improvement of consultancy tooling to innovate with new capabilities
  • May adapt strategy and approach to achieve knowledge, governance and reporting outcomes

Requirements

  • Strong People management background with experience in running a large efficient matrix managed team
  • Demonstrates own initiative to resolve problems and issues as and when they occur
  • and uses appropriate thought leadership to guide teams to solve complex and long-standing issues
  • Background in security management, process development and stakeholder management
  • Highly effective inter-personal and stakeholder management skills. Able to communicate up to senior levels within BT and equivalent externally
  • Capable and pragmatic leader, able to work diligently towards goals that will be achieved by changing already systemic and embedded was of working
  • Understands and empathises the agendas & needs of others, alongside the needs of the business. Breaks down silos, works brilliantly with partners both within and outside of the organisation to deliver business results

What we offer

  • On target 10% on target bonus
  • BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%
  • From January 2025, equal family leave: receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It’s for all parents, no matter how your family is made up
  • Enhanced women’s health support: including help with menopause symptoms, cancer screenings, period care and more
  • 25 days annual leave (not including bank holidays), increasing with service
  • 24/7 private virtual GP appointments for UK colleagues
  • 2 weeks carer’s leave
  • World-class training and development opportunities
  • Option to join BT Shares Saving schemes
Plusnet - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Secure by Design Governance Manager

8 matching positions

Senior Secure By Design Engineer

We are seeking a Senior Secure by Design Engineer to join the EU7 Secure by Desi...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant professional experience in cyber security (typically 5–8+ years) across domains such as IT infrastructure, cloud, networks, telecommunications, and application security
  • Strong understanding of security principles, secure design patterns, threat modelling, and risk management within enterprise and telecommunications environments
  • Practical knowledge of network and telecommunications security, including IP networking, signalling, core and access networks, and associated controls
  • Ability to translate complex technical risks into clear, business-focused recommendations and influence stakeholders through collaborative engagement
  • Relevant academic background in Computer Science, Engineering, or a related field
  • professional certifications such as CISSP, CISM, CCSP, or equivalent are advantageous
Job Responsibility
Job Responsibility
  • Lead and perform security design and architecture assessments for complex or business-critical solutions across IT, cloud, network, and telecommunications environments
  • Identify, assess, and communicate cyber risks early in the solution lifecycle, enabling proportionate risk treatment and informed decision-making
  • Define, review, and approve security requirements and controls aligned with Vodafone standards, regulatory obligations, and industry best practices
  • Provide senior-level security consultancy and guidance to engineering, network, and delivery teams, embedding security by default into designs and operations
  • Support security governance through risk sign-off, exception handling, and contributions to management and executive-level reporting
What we offer
What we offer
  • Opportunity to work on large-scale, business-critical programmes across international Vodafone markets
  • Exposure to diverse technologies including cloud, telecom networks, and enterprise IT environments
  • A collaborative environment where security influences strategic and architectural decisions
  • Continuous learning and development within a global cyber security function
  • Engagement with senior stakeholders, enhancing professional visibility and impact
Read More
Arrow Right

Senior Secure By Design Engineer

We are seeking a Senior Secure by Design Engineer to join the EU7 Secure by Desi...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Significant professional experience in cyber security (typically 5–8+ years) across domains such as IT infrastructure, cloud, networks, telecommunications, and application security
  • Strong understanding of security principles, secure design patterns, threat modelling, and risk management within enterprise and telecommunications environments
  • Practical knowledge of network and telecommunications security, including IP networking, signalling, core and access networks, and associated controls
  • Ability to translate complex technical risks into clear, business-focused recommendations and influence stakeholders through collaborative engagement
  • Relevant academic background in Computer Science, Engineering, or a related field
  • professional certifications such as CISSP, CISM, CCSP, or equivalent are advantageous
Job Responsibility
Job Responsibility
  • Lead and perform security design and architecture assessments for complex or business-critical solutions across IT, cloud, network, and telecommunications environments
  • Identify, assess, and communicate cyber risks early in the solution lifecycle, enabling proportionate risk treatment and informed decision-making
  • Define, review, and approve security requirements and controls aligned with Vodafone standards, regulatory obligations, and industry best practices
  • Provide senior-level security consultancy and guidance to engineering, network, and delivery teams, embedding security by default into designs and operations
  • Support security governance through risk sign-off, exception handling, and contributions to management and executive-level reporting
What we offer
What we offer
  • Opportunity to work on large-scale, business-critical programmes across international Vodafone markets
  • Exposure to diverse technologies including cloud, telecom networks, and enterprise IT environments
  • A collaborative environment where security influences strategic and architectural decisions
  • Continuous learning and development within a global cyber security function
  • Engagement with senior stakeholders, enhancing professional visibility and impact
  • Fulltime
Read More
Arrow Right

Privacy By Design Manager

As a Privacy by Design Manager in the Vodafone Secure & Privacy by Design team, ...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong experience in privacy, with proven ability to lead process improvement or transformation initiatives and drive adoption across a matrix organisation
  • Strong understanding of relevant legislation including the GDPR, ePrivacy Directive and related regulatory expectations, with the ability to translate requirements into practical, scalable and proportionate processes
  • Hands-on experience conducting and assuring privacy assessments (e.g., DPIAs, LIAs, TIAs) and maintaining core privacy records (e.g., ROPA), ideally using workflow tooling such as OneTrust
  • Metrics driven mindset: ability to define KPIs, analyse operational data (e.g., volumes, cycle time, risk trends) and produce management ready reporting to drive continuous improvement
  • Tooling and automation awareness (e.g., privacy tooling and workflow platforms), with the ability to identify and implement opportunities to standardise and automate low-risk or repeatable activities (OneTrust and Jira experience is advantageous)
  • Excellent organisation skills, able to handle multiple requests with differing priorities and stakeholders
  • Excellent command of English, and excellent interpersonal, oral and written communication and public speaking skills
  • Comfortable working in a matrix organisation with tolerance for ambiguity. Persistence to drive change over time
  • Courage to ‘stand up and be counted’ even when view is unpopular at a more senior level
  • Ability to analyse complex information and identify key and relevant points, including communicating in a relevant and easy to understand manner with different audiences
Job Responsibility
Job Responsibility
  • Privacy transformation (process ownership, improvement & simplification): Lead and own simplification and redesign of global privacy processes (e.g., DPIA, LIA, TIA and ROPA) and the supporting templates, playbooks and guidance, applying project/programme management discipline (scope, plan, milestones, and stakeholder governance) to drive delivery and adoption
  • Operating model, decision thresholds & demand management: Lead and own the operating model for privacy engagement, including entry/exit criteria, proportionate decision thresholds and demand triage
  • Support Responsible AI (RAI) processes: Lead and contribute to RAI process workstreams to improve and embed AI risk assessment processes into day-to-day delivery
  • Automation & tooling: Lead delivery of privacy automation and tooling improvements
  • work with Technology, Cyber Security and tool owners to embed privacy logic into enterprise workflows (e.g. OneTrust)
  • Metrics, insights & reporting: Lead operational metrics, dashboards and reporting to track demand, cycle times, completion, incidents and risk trends for management reporting
  • Audit actions, controls & quality: Partner with internal audit and own closure of audit actions, including root cause analysis and sustained remediation
  • Stakeholder enablement & culture: Lead enablement to embed privacy by design ways of working, including training and awareness
  • Market engagement: Lead engagement with local market privacy contacts to align delivery of global privacy and AI risk assessments
  • Supplier compliance & scalable enablement: Lead scalable supplier enablement, embedding privacy and responsible AI requirements into supplier governance through standards, templates and guidance
What we offer
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
  • Fulltime
Read More
Arrow Right

Secure by Design - Artificial Intelligence

We are seeking a Secure by Design – Artificial Intelligence professional to ensu...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced IT and cyber security professional with deep expertise in securing Office IT products and services
  • Strong understanding of AI governance, AI security frameworks, Microsoft Copilot, LLM risk management, prompt security, and AI lifecycle governance
  • Proficient in agile working methods and knowledgeable across endpoint, cloud, and modern collaboration ecosystems
  • Skilled in secure identity management and familiar with Office IT‑driven technology environments
  • Able to communicate complex security concepts clearly to technical and non‑technical stakeholders
  • Holds a university degree in Information Security or equivalent
  • Possesses one or more relevant certifications: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
  • Brings 5+ years of cyber security experience and 10+ years of experience with Microsoft Office 365, Microsoft Security services, and associated technologies
  • Has 5+ years of cloud security experience
Job Responsibility
Job Responsibility
  • Oversee the Group SPDA assessment process from initiation to sign‑off and guide product teams throughout
  • Review HLDs, BSRs, risk items, and penetration test findings to identify necessary security and privacy controls
  • Collaborate with Local Privacy, Corporate Security, and Secure by Design teams to ensure complete SPDA coverage
  • Ensure SPDA outcomes are reflected in Risk Registers and Personal Data Processing Registers
  • Support and coordinate the penetration testing lifecycle—from onboarding to final reporting
  • Maintain awareness of the AIB Platform architecture, capabilities, and existing security controls to align AI use cases
  • Apply knowledge of AI/GenAI methods such as RAG pipelines, LLM‑enabled automation, and AI agents within SPDA considerations
  • Track mitigation plans through to closure or escalate them to cyber risk governance where required
  • Provide security validation across environments (lab to pre‑prod to prod)
  • Ensure ongoing alignment of SPDA activities with GDPR requirements and Vodafone security policies
What we offer
What we offer
  • Exposure to cutting‑edge AI security practices and enterprise‑scale secure‑by‑design frameworks
  • Opportunity to influence security strategy for high‑impact global products and AI platforms
  • Cross‑functional collaboration with cyber security, architecture, privacy, ethical hacking, and product teams
  • Development within a global organisation committed to innovation and secure digital transformation
Read More
Arrow Right

Secure‑By‑Design (AI & Office IT) Security Lead - VOIS

We are seeking an experienced cyber security professional to ensure that Vodafon...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • An experienced cyber security professional with a strong background in securing Office IT, cloud-based services, and enterprise collaboration platforms
  • Knowledgeable in AI governance and AI security, including risk management for large language models, prompt security, lifecycle governance, and secure enterprise deployment
  • Comfortable working in agile delivery environments and complex technology landscapes spanning desktop, web, mobile, and cloud services
  • Confident communicating security risks and requirements clearly to both technical teams and non-technical stakeholders at all organisational levels
  • Qualified in information security or a related discipline, with recognised professional certifications and several years of practical cyber security and cloud security experience
Job Responsibility
Job Responsibility
  • Own and lead the Secure by Design assessment process from initial demand through to formal sign-off, supporting product and delivery teams throughout
  • Review solution and design documentation, including high-level designs, security requirements, risk items, and penetration test results, to identify appropriate security and privacy controls
  • Coordinate with privacy, corporate security, and Secure by Design stakeholders to ensure complete and consistent assessment coverage
  • Ensure assessment outcomes are accurately reflected in risk registers and personal data processing records
  • Support and coordinate penetration testing activities from onboarding through to final reporting and remediation tracking
  • Apply in-depth understanding of AI and GenAI use cases, including retrieval-augmented generation, AI agents, and large language model automation, and assess their security and privacy implications
  • Maintain awareness of enterprise AI platforms, their architecture, and existing security controls to ensure alignment when onboarding or modifying AI-related capabilities
  • Track mitigation actions through to closure, escalating unresolved risks through appropriate cyber risk governance forums
  • Support security approvals across development, pre-production, and production environments when enabling new capabilities
  • Provide guidance to internal teams, suppliers, and third parties to ensure alignment with Vodafone security standards and regulatory obligations, including GDPR
What we offer
What we offer
  • The opportunity to influence the security posture of global, AI-enabled products and services used by millions of customers and colleagues
  • Exposure to cutting-edge AI and GenAI technologies within a large, complex enterprise environment
  • Collaboration with diverse, international teams across cyber security, privacy, technology, and business functions
  • A role where security is positioned as a business enabler and differentiator, not a barrier
  • Fulltime
Read More
Arrow Right

Senior Lead Secure by Design

We are seeking a Secure by Design professional to lead technically orientated se...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive professional experience in information technology and cyber security, with strong capability in securing Office IT products and services
  • Demonstrated expertise with Microsoft technologies, including O365 Security & Compliance, Copilot, Microsoft Defender, Azure and cloud productivity ecosystems
  • Strong understanding of AI security and governance, including LLM risk management, prompt security and secure enterprise AI deployment
  • Solid background in enterprise risk management across cloud, Office IT and AI-related environments
  • Proficient in agile ways of working, modern cloud service consumption models and identity management in collaboration ecosystems
  • Ability to communicate complex technical matters to diverse non‑technical business stakeholders clearly and effectively
  • Holds relevant qualifications such as CISSP, CISM, CISA, CRISC, ISO 27001 LA, GIAC, TOGAF or SABSA
  • Minimum 5 years of experience in cyber security, 10+ years with Microsoft Office 365 and related services, and 5+ years in cloud security
Job Responsibility
Job Responsibility
  • Deliver technically focused security assessments for OIT products and services, ensuring alignment to secure by design principles
  • Define, communicate and oversee implementation of security requirements for new and existing services
  • Provide expert security design consultancy to architecture, delivery and operational teams across markets and group entities
  • Evaluate risks and compliance status of Office IT products, cloud services and AI-driven platforms, ensuring mitigation to acceptable levels
  • Guide suppliers and third parties in meeting Vodafone’s security expectations and standards
  • Support agile teams by coaching Security Champions and managing external security consultancy resources
  • Influence a collaborative approach that positions security as a business enabler
What we offer
What we offer
  • Opportunity to influence global cyber security practices across multiple markets and functions
  • Work on cutting-edge technologies including cloud, AI and enterprise collaboration platforms
  • Exposure to cross-functional global teams and high-impact security governance
  • Ability to shape secure solutions for products used by millions globally
Read More
Arrow Right

Secure by Design Expert Consumer IT & Channels

We are seeking a security specialist who will provide hands-on expertise in cybe...
Location
Location
Romania , Bucharest and Iasi
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced cybersecurity professional with 5+ years in security, including hands‑on consulting, risk management and security governance
  • Strong understanding of cybersecurity principles, frameworks and best practices
  • Knowledgeable in cloud security (AWS, Azure, GCP, Kubernetes, Docker) and identity and access management
  • Familiar with usability in security and privacy, with the ability to translate technical concepts for non‑technical audiences
  • Able to work effectively in near‑shore or remote team environments, using strong communication and critical thinking skills
  • Holds relevant certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
Job Responsibility
Job Responsibility
  • Provide expert guidance on secure-by-design principles to Consumer IT & Channels and support security integration throughout development lifecycles
  • Collaborate with architecture, design, engineering and operations teams to ensure adherence to Vodafone security standards
  • Identify, assess and prioritise risks while supporting remediation plans and mitigation initiatives
  • Conduct security reviews, ensuring alignment with regulatory standards such as GDPR, ISO 27001, PCI DSS and SOX
  • Support vulnerability assessment activities, reporting and follow-up, and contribute to improving security posture across platforms
  • Communicate security risks effectively to technical and non‑technical stakeholders, providing clear recommendations for complex environments
  • Enable a positive security culture by demonstrating how security can enable business innovation and secure product delivery
What we offer
What we offer
  • Hybrid way of working: 2 days per week/ 8 per month
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the below options: MEAL TICKETS/ PRIVATE PENSION/VACATION VOUCHERS/ CULTURAL VOUCHERS within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education – we continuously invest in you to ensure you have everything needed to excel on the job and enhance your skills
  • You get to work with tried and trusted web-technology
  • We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off
  • Fulltime
Read More
Arrow Right

Secure by Design - OIT

We are seeking an experienced cyber security professional to lead secure‑by‑desi...
Location
Location
India , Pune
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experienced in information technology and cyber security, with strong capability in securing Office IT products and services
  • Skilled in cloud security, particularly Microsoft environments including O365 Security & Compliance, Azure, Microsoft Defender, Copilot and productivity platforms
  • Strong understanding and hands‑on experience with AI governance, LLM risk management, prompt security and secure deployment of enterprise AI solutions
  • Solid knowledge of Enterprise Risk Management, including identifying, assessing and mitigating risks in cloud, AI systems, data security and Office IT applications
  • Experienced in agile methodologies and familiar with Office IT landscapes across desktop, web and mobile
  • In‑depth understanding of collaboration ecosystems, real‑time communications, and secure identity management
  • Excellent communication skills, with the ability to translate technical risks into clear business‑focused language
  • Holds a degree in Information Security or equivalent, along with one or more professional certifications such as CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF or SABSA
  • 5+ years in cyber security, 10+ years with Microsoft O365 and Microsoft security services, and 5+ years in cloud security
Job Responsibility
Job Responsibility
  • Carry out technically focused security assessments for Office IT products, services and infrastructures, ensuring secure-by-design principles are consistently applied
  • Define, document and validate security requirements for Office IT solutions, enabling appropriate security controls and risk mitigation
  • Provide technical security guidance to global projects and programmes, particularly those involving Microsoft 365, Azure, Microsoft Defender, Copilot, collaboration platforms, identity systems and cloud-based services
  • Assess technology risk and compliance levels, identify gaps, recommend treatment plans and support risk reduction aligned with enterprise standards
  • Serve as a key security contact for Office IT stakeholders, communicating risks and requirements clearly to both technical and non-technical audiences
  • Provide advice to internal teams, suppliers and third parties, ensuring alignment with Vodafone’s security standards and processes
  • Coach and support Security Champions within agile teams to embed secure‑by‑design practices in day-to-day work
  • Collaborate closely with architecture, operations, Risk & Compliance, Ethical Hacking, Security Operations and Corporate Security teams
  • Support the implementation of AI security controls, including governance for Large Language Models (LLMs), secure deployment patterns, and prompt security practices
  • Help evolve secure‑by‑design processes and promote security as a business enabler, driving innovation and positive change
What we offer
What we offer
  • Influence the security posture of global Office IT services used across Vodafone’s enterprise and consumer ecosystems
  • Work at the forefront of cloud, collaboration and AI security, including Microsoft Defender, Azure, O365 Security & Compliance and Copilot
  • Collaborate with diverse global teams, suppliers and security functions across Group and local markets
  • Play a key role in shaping secure‑by‑design perceptions and helping security become a business enabler
  • Gain exposure to high‑impact decision‑making during commercial launch approvals and major programme deliveries
  • Fulltime
Read More
Arrow Right