Executive Head: Cybersecurity: SA Operations at Vodafone Global Enterprise

Role Purpose/Business Unit:

• Cybersecurity is critical to Vodacom and Vodafone and a strategic priority to enable our business and customers. The Executive Head of Cybersecurity is a Vodacom Group-level role which champions and delivers the cybersecurity across all Vodacom South Africa (SA) businesses. This role is critical in ensuring the right priorities are focused on to reduce cyber risk across SA as rapidly as possible. 
• This role will lead the implementation of strategic cybersecurity initiatives aligned with the Group’s Cybersecurity strategy and Group Technology roadmap for South Africa, ensuring timely delivery, exceptional risk management, measurable outcomes, operational efficiency, strategic vendor management and cross-functional alignment.
• This individual will lead the planning, deployment, optimization, and maintenance of robust and scalable cybersecurity infrastructures, leveraging cutting-edge technologies to support business growth, enhance customer experience, and drive digital transformation.
• Operating at a senior leadership level, the role requires collaboration with both internal and external stakeholders to provide leadership across Vodacom South Africa market and its subsidiaries, influencing local market cybersecurity policy and innovation and ensuring alignment with organisational goals.

Your responsibilities will include:

• Drive the cybersecurity strategy implementation for Vodacom South Africa aligned to the Vodacom group technology strategy and Vodacom group cybersecurity strategy. 
• Translate the strategic vision into operational requirements and drive the fulfilment of these technical requirements.
• Responsible for the SA organization-wide cybersecurity program, governance, and risk management.
• Lead crisis management and incident response for SA, working closely with the Group Ciber Intelligence Centre (CIC). 
• Overseeing the implementation of large-scale cybersecurity initiatives across South Africa including overseeing cross-functional teams delivering cybersecurity programme. 
• Translating technical capabilities into business outcomes and objectives, defining clear metrics for progress and regularly reporting them into Group Cybersecurity Mancom and SA IT, Audit and Risk Committees.
• Oversight of budget planning and resource allocation for cybersecurity programmes.
• Delivering new security capabilities into business areas and identifying opportunities and security demand from business areas. 
• Identifying and working with technology teams to remediate cybersecurity risk.
• Establishing and maintaining strategic partnerships with internal and external stakeholders.
• Championing a culture of security awareness and resilience across all business units including the adoption of emerging technologies (e.g. AI, Zero Trust, quantum-safe cryptography) to future-proof the organisation.
• Providing board-level insights and reporting on cybersecurity posture and risk mitigation.
• Participate in development of Group security policies, standards, and framework and drive their localization in the SA market. 
• Champion and rally the IT and Network teams around the Cybersecurity function and educate these areas on the value of the function to enable revenue generation, cost savings and business performance measurements.
• Conduct strategic analysis of Vodacom SA system and network strategies to ensure that the strategic technological direction meets and aligns to security requirements and supports Group cybersecurity objectives.
• Oversee the security design and implementation of all products across Financial Services, Consumer, Enterprise, Technology and Digital – design phase security and pre-post implementation.
• Partner with business leaders and peer-level managers to assess the technological cost and impact of recommended changes, help clarify priorities, and coordinate cross-organizational consortia where common needs have been identified.
• Provide security consultation for business transformation and applications-related projects so that decisions can be made as to the most appropriate delivery methodology.
• Provide leadership to the SA team, in line with business requirements, technology standards and best practices within the function. 
• Report to Market senior leadership concerning risk, vulnerabilities and other security exposures and remedial actions. 

The ideal candidate for this role will have:

• An Industry-Recognised Cybersecurity Certifications e.g. CISSP, CISM, CRISC
• Minimum of 4-year tertiary qualification in Information Systems or Engineering (BSc IT, BCom IT, Diploma IT)/ Masters advantageous

Core competencies, knowledge and experience :

• Proven leadership experience managing large, cross-functional teams and complex cybersecurity operations in multiple business portfolios
• Expertise in cutting-edge cybersecurity technologies such as threat detection and response, encryption, identity and access management, and cloud security.
• Advanced knowledge of cyber risk management, threat modelling, and mitigation across business units and third-party ecosystems. Strong understanding of local and global regulatory frameworks (e.g. GDPR, POPIA, PCI-DSS), with experience leading compliance, audit readiness, and remediation. Proven ability to engage with regulators, suppliers, and industry bodies——while enforcing governance frameworks aligned with ISO 27001, NIST, and COBIT. 
• Expertise in enterprise security architecture, including secure-by-design principles, zero trust models, and cloud-native security frameworks. Proficiency in securing hybrid and multi-cloud environments (e.g. AWS, Azure, GCP), implementing identity and access management (IAM), privileged access controls, and authentication mechanisms. Familiarity with secure software development (DevSecOps), SIEM, DLP, endpoint protection, and emerging technologies such as AI-driven threats and quantum risks.
• Proven leadership experience managing large, cross-functional teams with a focus on collaboration and capability building. Strong communication and stakeholder engagement skills, including the ability to present technical insights to non-technical audiences. Commitment to mentoring, succession planning, and fostering a strong cybersecurity culture. Financial acumen with experience in budget management, cost optimization, and vendor performance oversight.

Closing date for Applications: 12 November 2025.