Security Compliance and Assurance SME
Your day to Day
You will be responsible for ensuring that the policies, procedures and internal controls objectives in scope for Vodafone CIoud and Infrastructure (VCI) workstreams are fulfilled.
You will ensures that the policies, standards, processes and control activities are designed and operated to meet external regulations, financial audit requirements, internal audits, such as: Sarbanes-Oxley (SOx), PCI-DSS and ISAE 3402 requirements. The role acts as main point of contact during audits (internal or external audits.), assumes control coordination and operation, as needed.
You will ensures the efficient operation of assigned audit processes throughout the VCI organization, covering On-Premises and both Private/Public Cloud Infrastructure.
You will be responsible to coordinate VCI compliance activities with Security Departments, Local Markets and other VCI internal departments. This role oversees the implementation of new services and technologies at VCI, focusing on transitioning services from an On-Premises datacenter to a private/public cloud.
With these activities you will have a great impact on our business
•You will manage the assigned controls, from design, documentation, implementation, and execution.
•You will coordinate the audit session for the assigned area/controls from planning, evidence delivery and resolution.
•You will coordinate the communication between Central/Group Teams with VCI management and external/internal auditors.
•You will anticipate risks/gaps and takes pro-active action to address them without impacting the processes operation and audit cycles.
•You will ensure the efficient remediation of deficiencies identified by the auditors; implements controls and new activities as required by the auditors.
•You will be responsible with the continuous improvement of the processes and controls to obtain simple, efficient and error free processes.
•You will build control documentation and templates for new services together with service/product owners.
•Effectiveness of assigned controls
•Updated and efficient control processes
•Control enablement documentation
With these skills you are a great candidate
•You have a very good knowledge of SOX IT General Controls (Access management, Computer Operations: Back Up and Recovery, Change Management, Information Security Policies, Program Development, SOC Reports Review).
•You have a good knowledge of PCI-DSS; ISAE 3402 (and similar).
•You have experience in internal and external audits, in implementation of compliance requirements in cloud environments.
•You have a understanding of IT-Service Management ISO 20000)/ ISO 27001 / 9000 (optional GDPR requirements).
•Good knowledge of Data Centre technologies (on premise vs cloud).
•Customer focus and communication skills.
•Good project management and coordination skills.
•Strong analytical skills.
•Experience in coordinating virtual teams
•You have minimum 5 years of experience in IT internal/ external audit (e.g. ICOFR/SOX audits)
•Good to have: CIA/ CISA/ CRISC/COMPTIA or similar.
•Fluent in English
Sounds like the perfect job? We’ve got even more to offer:
•Work from Home – hybrid approach
•Medical and dental services
•Life and hospitalization insurance
•Dedicated employee phone subscription
•Special discounts for gyms and retailers
•Annual Company Bonus
•Ongoing Education – we continuously invest in you to ensure you have everything needed to excel on the job and enhance your skills
•You get to work with tried and trusted web-technology
•Getting in on the ground floor of a technology changing company
•We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off.
•Special Paternal Program - 4 months of paid paternity leave
#_VOIS