Security Services Stream Lead @ A1 Competence Delivery Center

A1 Competence Delivery Center is a vital component of A1’s telecommunications business. Acting as an expertise hub, CDC is dedicated in delivering full range of high-quality IT, network, financial and other services to support A1’s operations across all OpCos, independent of location.

Using the power of A1 Group and leverage synergies, CDC enables transparency of resources, key skills and knowledge expansion and personal career growth opportunities’ enhancement, paired with job stability.

We are expanding the Security DC of the A1 Competence Delivery Center. Be part of this exciting journey!

This job can be performed by all countries within our A1 footprint.

Job purpose

We are seeking a highly motivated and experienced Security Services Stream Lead to head a core cybersecurity function responsible for enhancing the organization’s security posture through vulnerability management, penetration testing coordination, and secure software development support.

As the lead of this critical stream, you will oversee and drive execution of group-wide programs that ensure technical security risk is continuously identified, assessed, tested, and mitigated across all business units and systems.

Role insights:

• Design and develop group wide vulnerability management process
• Onboard all OpCo assets to central process
• Lead the enterprise vulnerability management program across A1 group.
• Oversee vulnerability identification, prioritization, reporting, and remediation tracking.
• Define and optimize processes for vulnerability management
• Provide executive-level reporting and metrics on remediation progress.
• Own the penetration testing program, including scoping, scheduling, and managing engagements with internal and external testing partners.
• Develop annual penetration testing plans on a Group level, based on regulatory requirements, service needs, local OpCo requirements and best practices
• Ensure timely execution of tests across OpCO infrastructure, applications, and cloud services.
• Oversee remediation tracking of findings.
• Align testing scope with emerging threats and business priorities.
• Lead efforts to integrate security testing and secure coding practices into the software development lifecycle (SDLC).
• Collaborate with DevOps and development teams to embed automated security testing (SAST, DAST, SCA).
• Support developers on remediating security findings and applying secure design principles.
• Champion secure-by-design culture across development initiatives.

What makes you unique:

• 5+ years of experience in cybersecurity, with at least 1 year in a leadership or coordination role.
• Strong knowledge of vulnerability management, penetration testing methodologies (OWASP, PTES), and DevSecOps.
• Familiarity with tools related to this domains.
• Understanding of SDLC, CI/CD pipelines, and secure coding practices.
• Experience managing third-party vendors, external testers, and audit stakeholders.
• Excellent communication skills, both technical and executive-level.
• Relevant certifications such as CISSP, CISM, CSSLP, or equivalent are a strong plus.

Our gratitude for the job done will be eternal, but we’ll also offer you:

• Innovative technologies and platforms to “play” with.
• Modern working environment for your comfort.
• Friendly, ambitious, and motivated teammates to support each other.
• Thousands of online and in-person learning opportunities to grow.
• Challenging assignments and career development opportunities in multinational environment.
• Attractive remuneration package.
• Flexible working schedule and opportunity for home office.
• Numerous additional goodies, including, but not limited to free A1 services.

If you are interested in this challenging opportunity, please do not hesitate to submit your application till 15.08.2025