Cloud Compliance Manager

Technology is a playground for ideas!

Vodafone Shared Services Romania is the place to make them come to life.

If you want to invest more in a career rather than just a job,

Meet us, Join us, Grow with us!

We stay hungry and true to our core values by recruiting people who are fun, passionate, open, and question everything.

Reflect on what your motivation is to come on board!  We’re eager to hear your story.

We live and thrive in an ever-changing environment where creativity and productivity are key, within working hours, of course.

Your day to day

The Cloud Compliance Manager will monitor the compliance of security policies across all public cloud services and keeps accountability for triggering and tracking the remediation /mitigation actions of all security vulnerabilities and hardening defect identified on systems inside Vodafone Public Cloud service providers (AWS, Google, Azure)

He/She will keeps track of security deficiencies through the documentation of findings, monitoring the follow through of the remediation, and validates closure to increase the security maturity of the security program and reduce overall risk.

With these activities you will have a great impact on our business

• Coordinate all the activities involved in the vulnerability management and security hardening processes for Public Cloud Services (incl. internal & external audits)
• Stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks on public cloud services.
• Be compliant to security policy, processes and procedures for completeness in particular monitor & report non-compliancy of Resources and Accounts and work with PCS team to build action plans for remediation the non-compliancy.
• Prepare Reports on IT system vulnerability and be accountable & responsible of the internal data base, filling out the information and tracking the status of the managed vulnerabilities and hardening defects
• Prioritise and categorise assets for vulnerability remediation
• Support to PCS Security compliance specialist – engineer in decision making related to vulnerability and hardening defect remediation, risk acceptance, business impact analysis (. likelihood and impact)
• Maintain procedures to implement and improve vulnerability remediation coordination and risk management (sharing risk acceptance and monitor the deadline) and closely align with Group Cyber Security

With these skills you are a great candidate:

• Strong skills in presenting results/interacting with international C-level senior managers
• Technical understanding on industry security methodologies and tools
• Working Experience with Public cloud technologies like AWS and/or GCP and/or Azure.
• General understanding of Experience with Cloud Security Tooling, this should include some of the following; Dome9,TrendMicro, CrowdStrike, RedLock, Splunk, ArcSight, CyberArk, Barracuda, Checkpoint,Fortinet, Forsetti, Qualys, Symantec, Aquasec, Twistlocker
• Hands on experience with public cloud security tools and operations knowledge of security tools like Trend Micro and Qualys
• Capability to collect process measurements and prepare reporting dashboards
• Ability to interact in a multiple-stakeholders environment
• Able to autonomously drive multiple conversations and tasks at a time
• Able to analyse information and data to detect potential issues, threats or non-conformities, possible process failures and gaps

Must have technical / professional qualifications:

• Ability to work across international and distributed teams in a virtual environment
• Able to deal with international customers and partners
• Knowledge and comprehension of complex technical environments and tools, understanding of scheduling and patching infrastructure
• Working experience with Reporting tools: Splunk, Power Bi
• Proficient in MS tools: excel, PowerPoint
• Knowledge of basic concepts of
  • Main OS: Windows, Unix and Linux;
  • Network Architecture and devices (routers, switches, Proxies, Firewalls, Load Balancers, DNS)
• Knowledge of the ITIL, configuration & change management
• Project management knowledge ( nice to have Prince2, PMP)

Sounds like the perfect job? We’ve got even more to offer:

• Work from Home – You can get to work remotely from anywhere you choose 2 days per week
• Medical and dental services
• Life insurance
• Dedicated employee phone subscription
• Special discounts for gyms and retailers
• Annual Company Bonus 
• Ongoing Education 
• You get to work with tried and trusted web-technology
• Getting in on the ground floor of an technology changing company
• Flexible Vacation

The future is exciting. Ready?