Share this Job

Risk & Compliance Lead

Posting Country:  Germany
Date Posted:  14-Mar-2023
Full Time / Part Time:  Full Time
Contract Type:  Permanent

At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this. 

We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.

With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Location: Germany / UK


Our Team:


Cyber Security:

At Vodafone Global Cyber Security, we help our customers to remain secure and resilient in a world of increasingly sophisticated cyber-attacks.  We offer a unique combination of highly resilient networks, enterprise-class cloud platforms, advanced security systems and expert advice, helping limit the risks of a mobile workforce, such as commercial losses, regulatory breaches or threats to individuals, whilst enabling productivity and employee satisfaction.  Joining us as an Information Security Officer, you can be part of our empowering our Cyber Security function. The Future is exciting. Ready? 

The Information Security Officer reports to the Sr Mgr Cyber, Functions, Risk&Audit Lead; the role’s purpose is to maintain and manage the security compliance and certification for specific Vodafone Business hosting environments. The ISO is responsible for handling all information security issues for those services within the scope of the certification programme.

With us you will:


  • Controlling and Governing the information security process 
  • Providing management with support when creating additional control requirements of information security wrt BSI requirements
  • Coordinating the creation of the security concept, the contingency planning concept, and others
  • Responsible for development and undertaking successful preparation for ISMS audits based on standards such as NIST, ISO27001 and BSI IT-Grundschutz
  • Ensure compliance targets are met in a timely fashion with evidence of compliance
  • Lead and operate effective 3rd party compliance programme for partners, vendors, resellers and suppliers
  • Point of contact for the organisation and the certification bodies
  • Ensure emergency and business continuity objectives of VC&S operations
  • Governance and status reporting to senior management 
  • Willingness to get involved in other security activities as per requirements

Apply if you have:


  • Security frameworks including NIST, ISO27001, BSI IT-Grundschutz within a hybrid environment
  • Understanding of information security encompassing control technologies, risk and compliance
  • Strong stakeholder management skills
  • Strong verbal and written communication. Fluent German is a key requirement
  • Knowledge and experience with cloud services such as AWS, Azure and Google
  • Critical thinker and strong problem-solving skills
  • Very good knowledge in German and English

Must have technical/professional qualifications: 

  • ISO 27001 Lead Auditor
  • IT-Grundschutz Practitioner (desirable)
  • Expert on Risk Management
  • Understanding of IT and Network technologies and controls  

If you have any question left:


Check out the application process and get to know us better here:
Read more stories here: 



#LI -Hybridworking





Vodafone is committed to attracting, developing and retaining the very best people by offering a motivating and inclusive workplace in which talent is truly recognised and rewarded. We are committed to promoting Inclusion for All with the belief that diversity plays an important role in the success of our business. We actively encourage everyone to consider becoming a part of our journey.