Information Security Architect in Vodafone Ukrayina

Vodafone Ukraine is a world-class company that occupies a leading position in the field of technology and telecommunications, implements innovations in all areas of activity.

Our employees are the key to the success of Vodafone Ukraine. That is why we are looking for goal-oriented and open minded people with a desire to create projects that bring the future closer.

We invite you to join the team of professionals!

Responsibilities:

• Analysis of project initiatives and project documentation, security/architecture review, formation of conclusions regarding risks and compliance with IS requirements.
• Participation in architectural and project committees, justification of the need for changes in architecture and project documentation.
• Designing and documenting security architecture for new and existing systems ("secure by design", "privacy by design").
• Identifying and describing requirements for security controls (IAM, network, encryption, logging, monitoring, WAF, etc.) in cloud and hybrid environments.

Requirements:

• ????Higher technical education (IT, information security, etc.)
• Over 5 years of general IT/information security experience, of which 3+ years in a security / solution / cloud architect or related architectural role.
• Practical experience of participating in project activities (project teams, architectural committees, steering committee, etc.).

• Deep understanding of security principles: Zero Trust, Defense in Depth, secure SDLC, privacy/security by design.
• Experience designing solutions in one or more cloud platforms (AWS / Azure / GCP; OCI will be a plus): - SaaS/PaaS/IaaS models, network designs (VPC/VNet, segmentation, VPN, LB, WAF, CDN); - identity and access management (IAM, RBAC, SSO/MFA); data protection (encryption at reset/in transit, KMS, certificates, secret management).

• Knowledge and practical application of approaches to threat modeling (for example, STRIDE) and basic approaches to risk assessment.
• Understanding and experience in applying standards and frameworks: ISO 27001/27002, NIST (CSF/800-series), CIS Controls, preferably MITER ATT&CK for risk and control mapping.
• The level of English is not lower than Upper-Intermediate (B2).

Preferably, experience with:

• network security (firewalls, VPN, basic protocols, TLS);
• application security and OWASP Top 10; logging and monitoring (what to log, where, how to store, integration with SIEM/XDR).

We offer:

• A team of like-minded people, transparency of decisions and openness in communication
• Official employment, social guarantees
• Flexible work schedule and remote working days
• 31 calendar days of vacation
• Corporate medical insurance and wellness
• Free mobile communication
• A profitable tariff plan from Vodafone for the family
• Professional training at the expense of the employer
• Active corporate life

If you are interested in this position, please send us your resume with salary expectations.