VodafoneThree - Security Assurance Lead

Location & Working Hours

Location: Newbury + Hybrid
Salary: Excellent basic salary plus bonus and Vodafone benefits
Working Hours: Full time 37.5 hours per week - Monday to Friday

Hybrid Working Approach

Our hybrid working approach allows staff to work both in the office and at home. We ask employees to come into the office 2-3 days each week, for at least 8 days per month, in collaboration with their line manager to understand expectations.

What You'll Do

Work closely with teams across the business to build strong relationships and ensure accountability for security controls, meeting regulatory and certification requirements.

Key responsibilities include:

• Help support internal and external security audits and testing, ensuring customer expectations and legal security requirements are met.
• Report on security control performance based on audit and testing results.
• Track remediation activity and follow up with control owners to ensure issues are addressed.
• Analyse security risks, record gaps, own and manage them actively.
• Assess the impact of changes to customer security frameworks, legal requirements, or industry standards.
• Respond to internal questions and requests related to security assurance.
• Encourage teams to adopt security best practices and continuously improve posture.
• Work with teams to strengthen security controls as threats evolve.
• Build and maintain strong working relationships with internal stakeholders.

Who You Are

• Comfortable using Governance, Risk and Compliance (GRC) tools to manage and track security activities.
• Strong background in risk management, balancing business priorities with security requirements.
• Experience conducting or supporting security audits and testing activities.
• Actively working towards or keen to achieve a recognised security qualification such as ISO 27001/42001/27017/27701 auditor, CISM, CISSP, COBIT, CISA, CGEIT, or equivalent.

Additional Responsibilities & Delivery

• Maintain a clear RACI for security control ownership, holding stakeholders accountable for compliance.
• Produce and share security compliance KPIs and KRIs with key stakeholders to drive visibility and action.
• Ensure security certifications stay up to date and external milestones and deadlines are met.
• Support or carry out security audits and testing to demonstrate compliance with mandatory security controls.

Inclusion and Accessibility

We believe that everyone has valuable contributions to make. We are passionate about inclusion for all and encourage individuals with disabilities to apply. For reasonable adjustments, please refer to our accessibility guidance.

What We Offer

We care about people's success by offering great pay, bonuses, up to 28 days off plus bank holidays, paid time for charity work. Personalise benefits for you and your family, such as discounts, vouchers, a pension plan, and more. We support career development with learning tools and parent leave policies.

Legal and Background Checks

We are regulated by the Financial Conduct Authority, and all offers of employment for this role are subject to background checks, including criminal (DBS) and financial checks to meet regulator standards.