Tetszik Önnek ez az állás?
Jelentkezzen rá most!
Join Vodafone Hungary and build a better tomorrow!
We are looking for a
Technology Security Senior Expert - 000000228245
for our Technology Security!
At Vodafone we connect everybody to live a better today and build a better tomorrow. It is the future we have in our mind when we see the speed of technology development. There is so much creativity across the technology industry that the speed of change is increasing. We embrace the opportunities of the future and work proactively to make good use of technology. As you can imagine, this means that we have a vibrant and diverse mix of skills and people making Vodafone a great place to work.
Your place in the team:
- Perform Audit and Technology risk assessments by reviewing, documenting, evaluating, and testing general computer controls and application controls for any IT compliance works as financial audit support, SOX 404, Matrix, PCI DSS, ISO/IEC 27001
- Identifies, develops, and documents audit issues and recommendations for improvement using independent judgment concerning areas being reviewed
- Assesses the efficiency of existing processes and procedures and identifies potential opportunities for process improvements
- Evaluates the effectiveness of applied controls for systems, networks, and application
- Implement and maintain the Information Security documentation and controls in line with Group requirements and in line with the requirements of the ISO 27001 certification
- Assist in successful passing of the regular ISO 27001 follow-up audits
- Develop and maintain information security policies, standards, regulations and plans and review compliance with them
- Responsible to control and review compliance with Information security requirements of Vodafone Group, and with statutory and legal information security requirements
- Controls and monitors the fulfilment of the technology security requirements
- Operate and maintain the IT&NW security solutions assuring confidentiality and consistency and availability for other departments to use outcomes of these solutions
- Provide independent, objective assurance and consulting services to improve company security operations
You will be involved in the following tasks
- Create and maintain IT&NW security policies, standards and procedures and review compliancy with them
- Control compliance with Group requirements
- Investigate information security incident, alarms
- Advise technical security solutions
- Monitor the fulfilment of the technology security requirements
- Provide independent reporting line for CTSO in sense of information security issues
- Participation in Technology Risk Management process
- Assisting in developing and preparing yearly corporate risk assessments
- Performs audit work as assigned using the Group Internal Audit methodology to evaluate risk, determine control objectives and verify the extent to which affiliate control techniques meet objectives and effectively documents controls and issues
- Devises effective and efficient test steps for testing key controls
- Identifies key controls around network security, logical access, change management, system development and implementation, and computer operations during walkthroughs of affiliate's IT environment
- Escalates audit issues to the Internal Audit manager and CTSO. Interacts with affiliates' TD management to develop and negotiate solutions. Follows up on issues with affiliates' TD management to ensure carry through of resolutions
- Performs follow-up on the status of outstanding internal audit issues
- Fulfil Hungary specific external audit requirements and assure compliancy related to information security requirements (Mátrix audit, other)
- Fulfil Vodafone Group initiated audits like SOX and assures compliancy with global standards like PCI DSS related to information security requirements
- Communicates or assists in communicating the results of audit and consulting projects
- Provide support for developments by determining security and compliance requirements and review fulfilment of these requirements.
- Operate and maintain the Technology Security solutions assuring confidentiality and consistency and availability for other departments to use outcomes of these solutions
We are looking for you if you have
- BSc. in Computer/Industrial/Electrical & Electronics Engineering is desired
- Masters degree (preferably in Computer Science) or equivalent information security experience is desired
- Certified to CISA or CISSP is preferred
- Solid understanding of information technology and information security.
- Strong background in controls and/or compliance
- Possess a good working knowledge of both IT General Controls and Application Controls
- Demonstrated working knowledge of information technology general controls concepts in the areas of systems development, change management, computer operations and access to programs and data
- 5 years progressive experience in Information Security
- Knowledge of internal auditing standards and control frameworks
- Understanding of the following standards and their requirements (SOX, ISO27001, PCI DSS)
- Know the requirements of acquiring and maintaining an ISO 27001 certification
- Experience in compliance reporting
- Solid understanding of operating systems and databases, such as UNIX/LINUX, Oracle and SQL database management systems, Windows Server, network security
- Advanced knowledge of major security tools and technologies such as intrusion detection and prevention Systems, data loss prevention and identify management
- Fluency in English
The future is exciting. Ready?
- IT Operation, Telecommunication
- IT Security
- Full time
- 5-10 years professional experience
Required language level:
- English - higher advanced/fit for negotiation
1096 Budapest, Lechner Ödön fasor 6.
How to apply/ contact information:
If you are interested in the position, apply online!