Key skills
Cyber SecurityRisk ManagementCommunicationCollaboration
About this role
Role Overview
- As a Cyber Security Specialist, you will be integrated into the Portugal Cyber Security Governance, Risk & Control function, with responsibility for ensuring that cyber security risks are identified, assessed, governed and managed within Vodafone’s risk tolerance.
- You will be responsible for contributing to the three main areas: Cyber Risk Management, Security Governance and Control Assurance.
- You will act as a Cyber GRC Subject Matter Expert to enable technical and business teams to operate Vodafone products and services in a secure and compliant manner, with strong focus on cyber risk, policy adherence and control effectiveness.
- You will be responsible for ensuring that cyber security risks are properly identified, assessed, governed and managed, that security controls are effectively implemented and evidenced, and that all governance processes supporting those controls are in place, in line with Vodafone Group cyber security strategy and local market technology and business priorities.
- You will follow up on risks, controls and remediation actions throughout their lifecycle, ensuring proper understanding of cyber security requirements, analysing, classifying and prioritising cyber risks according to business context, and supporting informed risk decisions.
- You will report to the Cyber Security GRC Team Lead in Portugal and be an active part of the local market Cyber Security team, supporting effective collaboration with local structures such as Network, Digital & IT, Secure by Design, Cyber Defence, Corporate Security, Privacy, Legal, Risk and Compliance, among others.
Requirements
- Degree, professional qualification or relevant experience in Technology Security
- Experience in cyber security risk management, governance and control frameworks
- Experience supporting risk registers, control assessments, audits or assurance activities
- Knowledge of information security and risk management standards (ex: ISO/IEC 27001, NIST, COBIT)
- Strong understanding of cyber security threats and ability to assess business and operational impact
- Experience working with policies, standards, controls and compliance requirements
- Strong communication skills, with the ability to explain cyber risks and control gaps in clear business language
- Ability to work effectively across technical and non‑technical stakeholders, balancing security, risk and business needs
- Fluency in the English language
Tech Stack
- Cyber Security
Benefits
- Hybrid Work Model
- Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders
- Vodafone Products and Services
- Employees get a mobile phone, free communication plan, data card, and various discounts on services and products
- Recognition
- Recognition programs for innovative, creative, high-potential employees and exemplary behaviors
- Health and Well-being
- Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products
- Learning
- Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing and Skillsoft)
- Local and International Mobility
- Internal recruitment with local and international rotation opportunities across departments and roles