Information Security Architect in Vodafone Ukrayina

Vodafone Ukraine is a world-class company that occupies a leading position in the field of technology and telecommunications, introducing innovations in all areas of activity.

The key to Vodafone Ukraine's success is our employees. That is why we are looking for goal-oriented and open-minded people with a desire to create projects that bring the future closer.

We invite you to join the team of professionals!

Responsibilities:

• Analysis of project initiatives and project documentation, security/architecture review, formation of conclusions regarding risks and compliance with IS requirements.
• Participation in architectural and project committees, justifying the need for changes in architecture and project documentation.
• Design and documentation of security architecture for new and existing systems ("secure by design", "privacy by design").
• Determining and describing requirements for security controls (IAM, network, encryption, logging, monitoring, WAF, etc.) in cloud and hybrid environments.
• Security integration in SDLC/CI/CD together with development, infrastructure and operations teams.

Requirements:

• Higher technical education (IT, information security, etc.)
• General experience in IT/information security of 3 years in the role of security/solution/cloud architect or similar architectural role.
• Practical experience of participating in project activities (project teams, architecture committees, steering committee, etc.).
• Deep understanding of security principles: Zero Trust, Defense in Depth, secure SDLC, privacy/security by design.
• Experience in designing solutions in one or more cloud platforms (AWS / Azure / GCP; OCI will be a plus): - SaaS/PaaS/IaaS models, network designs (VPC/VNet, segmentation, VPN, LB, WAF, CDN); — identity and access management (IAM, RBAC, SSO/MFA); data protection (encryption at reset/in transit, KMS, certificates, secret management).
• Knowledge and practical application of threat modeling approaches (eg STRIDE) and basic risk assessment approaches.
• Understanding and experience in applying standards and frameworks: ISO 27001/27002, NIST (CSF/800-series), CIS Controls, preferably MITER ATTandCK for risk and control mapping.
• English level not lower than Upper-Intermediate (B2).

Experience with:

• network is desirable security (firewalls, VPN, basic protocols, TLS); application security and OWASP Top 10; logging and monitoring (what to log, where, how to store, integration with SIEM/XDR).

We offer:

• A team of like-minded people, transparency of decisions and openness in communication
• Official employment, social guarantees
• Flexible work schedule and remote working days
• 31 calendar days of vacation
• Corporate medical insurance and wellness
• Free mobile communication
• Affordable tariff plan from Vodafone for family
• Professional training at the employer's expense
• Active corporate life

If you are interested in this position, please send us your resume with salary expectations.