Secure by Design Consultant - SD‑WAN & Network Security - VOIS

📍 Job Overview

Job Title: Secure by Design Consultant - SD-WAN & Network Security

Company: Vodafone (VOIS - Vodafone Intelligent Solutions)

Location: Pune, Maharashtra, India

Job Type: Full-Time

Category: Technology / Security / Network Operations

Date Posted: April 8, 2026

Experience Level: 5-10 Years

Remote Status: On-site

🚀 Role Summary

• This role is pivotal in embedding security principles into the design phase of Vodafone's SD-WAN and network security products and services.

• The consultant will act as a key liaison, translating complex cyber security concepts into actionable requirements for architecture and engineering teams.

• A primary focus will be on assuring the security posture of global enterprise solutions, specifically within SD-WAN, SASE, and public cloud environments.

• The position demands proactive engagement in threat modeling, risk assessment, and the definition of secure architectures to mitigate cyber risks effectively.

📝 Enhancement Note: While the job title is "Consultant," the responsibilities and required experience suggest a senior individual contributor role focused on technical security architecture and assurance within product development, rather than a client-facing advisory role. The "VOIS" designation indicates this is within Vodafone's shared services and transformation arm, focusing on internal product and service security.

📈 Primary Responsibilities

• Serve as the primary security interface, translating business needs and cyber security principles into practical, implementable design requirements for SD-WAN and related services.

• Define, develop, and assure secure architectures for SD-WAN products and services, ensuring compliance with Vodafone's security policies, regulatory mandates, and established industry best practices.

• Conduct comprehensive security posture assessments, threat modeling exercises, and detailed risk assessments for network and cloud-based solutions.

• Provide expert security design and architecture guidance to solution architects, engineering teams, and delivery teams, including those operating within agile development frameworks.

• Evaluate and review security efficacy, scalability, and alignment with Vodafone standards for SD-WAN and SASE vendor solutions from providers such as Cisco, Fortinet, VMware, Palo Alto Networks, and Zscaler.

• Ensure secure connectivity and seamless integration strategies for public cloud platforms, including AWS, Azure, and GCP.

• Scope, coordinate, and support penetration testing and other assurance activities to validate security robustness prior to product and service launches.

• Foster close collaboration with risk management, compliance, ethical hacking, security operations, and corporate security teams to deliver end-to-end security assurance.

• Mentor and support security champions within delivery teams to cultivate a proactive and collaborative security culture across the organization.

• Contribute to the continuous evolution and enhancement of Secure by Design standards, methodologies, and best practices, positioning security as a strategic business enabler.

📝 Enhancement Note: The responsibilities emphasize a proactive, "shift-left" security approach, focusing on embedding security early in the product lifecycle. The mention of specific vendors and cloud platforms indicates a need for practical, hands-on knowledge.

🎓 Skills & Qualifications

Education:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field, or equivalent practical experience.

Experience:

• 5-10 years of progressive experience in information security, with a strong emphasis on network security, SD-WAN, and cloud security architecture.

• Demonstrated experience in applying "Secure by Design" principles throughout the product development lifecycle, from concept to launch.

Required Skills:

• Deep expertise in SD-WAN technologies and architectures, including routing, QoS, and application-aware networking.

• Strong understanding and practical experience with enterprise network security principles, including firewalls, Intrusion Detection/Prevention Systems (IDPS), and VPNs.

• Proficiency in cloud security best practices and secure integration patterns for major public cloud providers (AWS, Azure, GCP).

• Experience with Secure Access Service Edge (SASE) frameworks and associated security components (e.g., SWG, CASB, ZTNA).

• Familiarity with Zero Trust architecture principles and implementation strategies.

• Ability to articulate technical security concepts and risks clearly to both technical and non-technical stakeholders.

Preferred Skills:

• Hands-on experience with security products from leading vendors like Cisco, Fortinet, Palo Alto Networks, VMware, and Zscaler.

• Knowledge of regulatory requirements and compliance frameworks relevant to telecommunications and enterprise services.

• Experience with agile development methodologies and integrating security into CI/CD pipelines.

• Familiarity with ethical hacking principles and penetration testing methodologies.

• Experience in coaching or mentoring junior security professionals or security champions.

📝 Enhancement Note: The experience level (5-10 years) suggests a need for a candidate who can operate independently and provide expert guidance, rather than requiring extensive supervision. The emphasis on influencing design decisions points to strong communication and interpersonal skills as critical.

📊 Process & Systems Portfolio Requirements

Portfolio Essentials:

• Demonstrate successful implementation of Secure by Design principles in previous roles, showcasing how security was integrated early in the product or service lifecycle.

• Provide examples of security architecture designs for SD-WAN, SASE, or cloud environments, highlighting key security controls, risk mitigations, and compliance considerations.

• Showcase experience with threat modeling and risk assessment methodologies, including examples of identified threats and implemented mitigation strategies.

• Include documentation or case studies illustrating the process of reviewing and assuring third-party vendor security solutions.

Process Documentation:

• Examples of security requirements documentation derived from business needs and translated into technical specifications.

• Documentation demonstrating the process of performing security assessments and risk analyses for new products or service features.

• Case studies detailing the process of collaborating with engineering teams to implement security controls and remediate vulnerabilities.

• Evidence of contributing to or developing security checklists, guidelines, or standard operating procedures for secure product development.

📝 Enhancement Note: Candidates should be prepared to present concrete examples of their work that illustrate their understanding and application of "Secure by Design" principles, particularly within the specified technology domains. The portfolio should highlight problem-solving and impact.

💵 Compensation & Benefits

Salary Range: An estimated salary range for this role in Pune, India, for a professional with 5-10 years of experience in Network Security and SD-WAN consulting, would typically fall between ₹15,00,000 to ₹25,00,000 per annum. This estimate is based on industry benchmarks for senior technology roles in major Indian IT hubs, considering the specialized nature of SD-WAN and cloud security expertise. Factors such as specific skills, vendor certifications, and proven impact will influence the final offer.

Benefits:

• Comprehensive health insurance coverage for employees and dependents.

• Retirement savings plans (e.g., Provident Fund contributions).

• Paid time off, including annual leave, sick leave, and public holidays.

• Opportunities for professional development, training, and certifications.

• Access to Vodafone's global employee networks and affinity groups.

• Potential for performance-based bonuses and incentives.

• Employee assistance programs offering counseling and support services.

• Subsidized canteen facilities and transport options (as applicable for on-site roles).

Working Hours: Standard full-time working hours are expected, typically around 40 hours per week, operating within the India Standard Time (IST) zone. While the role is on-site, Vodafone often promotes a culture that balances work and personal life, with potential for some flexibility depending on team needs and project cycles.

📝 Enhancement Note: The salary range is an estimation based on general market data for comparable roles in Pune, India. Actual compensation will be determined by Vodafone based on the candidate's qualifications, experience, and the specific demands of the role.

🎯 Team & Company Context

🏢 Company Culture

Industry: Telecommunications, Technology Solutions, Shared Services. Vodafone is a global leader in connectivity and digital services, with VOIS acting as its strategic arm for intelligent solutions, talent, technology, and transformation. This context implies a dynamic, fast-paced environment focused on innovation and customer value.

Company Size: Vodafone is a large multinational corporation with tens of thousands of employees globally. VOIS itself is one of the largest shared services organizations in the telco industry, with 30,000 FTEs. This scale offers significant opportunities for cross-functional collaboration and exposure to diverse projects but also requires navigating larger organizational structures.

Founded: Vodafone's history dates back to 1991 (though its origins are earlier). VOIS was established to centralize and optimize essential business functions. This long-standing presence suggests a stable yet evolving organization committed to digital transformation and operational excellence.

Team Structure:

• The Secure by Design Consultant will likely be part of a specialized team within VOIS, focusing on product security, architecture assurance, or GTM security for Vodafone Business solutions.

• The reporting structure would typically be to a Security Architecture Lead, Head of Product Security, or a similar senior management role within the technology or security domain.

Methodology:

• Vodafone VOIS emphasizes data-driven decision-making, leveraging analytics to drive insights and optimize processes.

• Workflow planning and optimization are key, particularly in the context of product development and service delivery, with a focus on efficiency and agility.

• Automation and continuous improvement practices are integral to VOIS's operational model to manage complexity and scale effectively across its global operations.

Company Website: https://www.vodafone.com/ and https://www.vodafone.com/about-vodafone/vodafone-business/vois

📝 Enhancement Note: The company's focus on "intelligent solutions" and "transformation" within VOIS suggests a culture that values innovation, efficiency, and the strategic application of technology. The "Secure by Design" aspect aligns with a commitment to robust, reliable, and secure services.

📈 Career & Growth Analysis

Operations Career Level: This role is positioned as a senior individual contributor, likely at a mid-to-senior level (5-10 years of experience). It requires deep technical expertise and the ability to influence without direct authority, making it a crucial role for ensuring product security. It's a step beyond a junior security analyst and offers the chance to shape product direction from a security perspective.

Reporting Structure: The consultant will report to a senior security leader, providing direct input into product security architecture and design. This structure allows for mentorship and guidance from experienced security professionals while offering visibility to higher management regarding security risks and mitigation strategies.

Operations Impact: The "Secure by Design" approach directly impacts Vodafone Business's ability to deliver secure, reliable, and compliant services to enterprise clients globally. By embedding security early, the role helps prevent costly breaches, maintain customer trust, ensure regulatory adherence, and ultimately protect Vodafone's revenue and brand reputation. The consultant's work directly contributes to the overall security posture and resilience of Vodafone's enterprise offerings.

Growth Opportunities:

• Specialization: Deepen expertise in specific areas like SASE, cloud-native security, or threat intelligence within SD-WAN ecosystems.

• Leadership: Transition into a Security Architecture Lead, Principal Security Consultant, or a management role overseeing product security teams.

• Broader Scope: Move into roles involving broader security strategy, risk management, or compliance across Vodafone's global operations.

• Skill Development: Gain exposure to cutting-edge security technologies, vendor solutions, and advanced threat landscapes through continuous learning and project involvement.

📝 Enhancement Note: The role offers a clear path for technical specialization and leadership within a large, global organization, making it attractive for security professionals aiming for long-term career growth in enterprise security.

🌐 Work Environment

Office Type: This is an on-site role, indicating a traditional office-based work environment within Vodafone's Pune facilities. This setting typically fosters strong team cohesion, spontaneous collaboration, and direct mentorship opportunities.

Office Location(s): The role is based in Pune, Maharashtra, India. This location is a major IT and business hub in India, offering a dynamic professional environment. Specific office details regarding amenities like parking, accessibility, or proximity to public transport would be available upon inquiry or during the interview process.

Workspace Context:

• The workspace is expected to be collaborative, designed to facilitate interaction among team members and cross-functional departments.

• Access to necessary security tools, analysis platforms, and communication technologies will be provided to support the consultant's responsibilities.

• Opportunities for direct engagement with peers, architects, engineers, and management will be frequent, promoting knowledge sharing and problem-solving.

Work Schedule: The standard work schedule will align with typical business hours in India (Asia/Kolkata timezone), approximately 40 hours per week. While the role is on-site, the company culture may allow for some degree of flexibility in start/end times, provided project deliverables and team coordination are maintained. Adherence to project deadlines and critical launch windows may occasionally require extended hours.

📝 Enhancement Note: Being on-site in a major tech hub like Pune offers benefits like access to talent, infrastructure, and a vibrant professional community, which can be attractive for career development.

📄 Application & Portfolio Review Process

Interview Process:

• Initial Screening: A recruiter or hiring manager will likely conduct an initial screening call to assess basic qualifications, experience, and cultural fit. Be prepared to discuss your background in SD-WAN, network security, and Secure by Design principles.

• Technical Interview(s): Expect one or more technical interviews focusing on your expertise. These may include scenario-based questions, deep dives into your experience with specific technologies (SD-WAN, SASE, cloud security), and discussions on threat modeling and risk assessment methodologies.

• Portfolio Review/Presentation: You may be asked to present specific case studies or examples from your portfolio that demonstrate your ability to apply Secure by Design principles. Focus on the problem, your approach, the solutions implemented, and the measurable outcomes.

• Hiring Manager Interview: A final interview with the hiring manager to discuss team dynamics, career aspirations, and overall fit for the role and Vodafone's culture.

Portfolio Review Tips:

• Curate Selectively: Choose 2-3 impactful projects that best showcase your Secure by

Design expertise in SD-WAN, network security, or cloud environments.

• Structure Your Case Studies: For each project, clearly outline:

  • The Challenge or business requirement.
  • Your Approach (methodologies used, e.g., threat modeling, risk assessment).
  • The Solution (secure architecture, controls implemented, vendor recommendations).
  • The Outcome (security improvements, risk reduction, compliance achieved, business enablement).

• Quantify Impact: Whenever possible, use metrics to demonstrate the value of your work (e.g., reduction in identified vulnerabilities, improved compliance scores, faster secure product delivery).

• Tailor to Vodafone: Highlight how your experience aligns with Vodafone's focus on enterprise solutions, SD-WAN, and cloud integration.

• Be Prepared to Discuss: Be ready to elaborate on your decisions, challenges faced, and lessons learned during each project.

Challenge Preparation:

• Scenario-Based Questions: Prepare for questions asking how you would approach securing a new SD-WAN service, assess a vendor solution, or mitigate a specific threat. Think about your structured approach (e.g., identify assets, threats, vulnerabilities, controls, residual risk).

• Technical Deep Dives: Refresh your knowledge on common SD-WAN configurations, SASE components, cloud security controls (AWS Security Groups, Azure NSGs), firewall policies, VPN protocols, and Zero Trust concepts.

• Stakeholder Communication: Practice explaining complex technical security issues and their business implications in clear, concise language. Consider how you would influence a non-technical product manager or a senior engineering lead.

📝 Enhancement Note: The emphasis on a portfolio and case studies suggests that demonstrating practical application of security principles is highly valued. Candidates should prepare to articulate their thought process and the tangible results of their security efforts.

🛠 Tools & Technology Stack

Primary Tools:

• SD-WAN Platforms: Experience with or ability to assess solutions from Cisco (Viptela/Meraki), VMware (VeloCloud), Fortinet (FortiGate/SD-WAN), Palo Alto Networks (Prisma SD-WAN), and others.

• Cloud Security Tools: Familiarity with security services offered by AWS (e.g., Security Hub, GuardDuty, WAF), Azure (e.g., Security Center, Firewall Manager, Sentinel), and GCP (e.g., Security Command Center, Cloud Armor).

• Security Assessment Tools: Proficiency in using threat modeling frameworks (e.g., STRIDE, PASTA) and risk assessment methodologies.

• Network Monitoring & Analysis: Tools for traffic analysis, packet capture, and performance monitoring (e.g., Wireshark, SolarWinds, Cisco DNA Center).

Analytics & Reporting:

• SIEM/Log Analysis: Experience with security information and event management systems (e.g., Splunk, QRadar, ELK Stack) for threat detection and incident analysis.

• Reporting Tools: Ability to generate clear and concise reports on security posture, risk assessments, and compliance status, potentially using tools like Microsoft Power BI or Tableau for visualization.

CRM & Automation:

• Project Management Tools: Familiarity with agile tools like Jira or Confluence for tracking tasks, requirements, and documentation.

• Collaboration Platforms: Proficiency in using tools like Microsoft Teams, Slack, or similar for communication and collaboration.

📝 Enhancement Note: The specific vendor mentions (Cisco, Fortinet, VMware, Palo Alto Networks, Zscaler) are key. Candidates should be prepared to discuss their experience with these or equivalent platforms and demonstrate an understanding of how to evaluate their security features and integration capabilities.

👥 Team Culture & Values

Operations Values:

• Security as an Enabler: Vodafone likely views security not as a barrier, but as a critical component that enables business growth and customer trust through robust and reliable solutions.

• Collaboration & Partnership: The role requires working closely with diverse teams, emphasizing a collaborative approach to problem-solving and a partnership mentality with business and engineering.

• Data-Driven Decisions: The expectation is to base security assessments and recommendations on objective data, threat intelligence, and risk analysis.

• Continuous Improvement: A culture that encourages learning, adaptation, and proactive enhancement of security practices and standards.

• Customer Focus: Ultimately, all security efforts are geared towards protecting Vodafone's customers and ensuring the integrity of services they rely on.

Collaboration Style:

• Cross-Functional Integration: Actively engaging with solution architects, engineers, product managers, and compliance officers to ensure security is integrated from the outset.

• Proactive Feedback: Providing constructive feedback on designs and implementations to improve security outcomes, and being open to receiving feedback on security approaches.

• Knowledge Sharing: Contributing to team knowledge bases, sharing insights on emerging threats, and mentoring junior team members or security champions.

• Agile Mindset: Adapting security reviews and assurance processes to fit within agile development sprints, ensuring timely feedback without hindering development velocity.

📝 Enhancement Note: The emphasis on "Secure by Design" and collaboration suggests a culture that values proactive security ownership and teamwork in achieving business objectives.

⚡ Challenges & Growth Opportunities

Challenges:

• Balancing Security and Agility: Ensuring robust security measures are implemented without unduly slowing down the pace of product development and service deployment in a fast-moving telco environment.

• Evolving Threat Landscape: Keeping pace with rapidly evolving cyber threats, vulnerabilities, and new attack vectors targeting SD-WAN, SASE, and cloud infrastructures.

• Vendor Complexity: Managing security across a diverse range of vendor solutions and ensuring consistent security posture across different platforms.

• Influencing Design: Effectively influencing design decisions made by architects and engineers who may have different priorities, requiring strong communication and negotiation skills.

Learning & Development Opportunities:

• Advanced Certifications: Pursuing specialized certifications in cloud security (CCSP), SASE, or specific vendor technologies.

• Industry Exposure: Attending relevant security conferences and webinars to stay abreast of the latest trends and technologies.

• Mentorship: Learning from senior security leaders within Vodafone and potentially receiving formal or informal mentorship.

• Cross-Domain Knowledge: Expanding knowledge beyond network security into areas like application security, data protection, and identity management within the broader GTM context.

📝 Enhancement Note: The challenges presented are typical for senior security roles in large tech organizations, offering ample opportunity for professional growth and skill development through overcoming these hurdles.

💡 Interview Preparation

Strategy Questions:

• "Describe your approach to embedding 'Secure by Design' principles into a new SD-WAN product offering. What are the key phases and deliverables?" (Focus on lifecycle integration, threat modeling, requirements definition.)

• "How would you assess the security posture of a new SASE vendor solution? What criteria would you prioritize?" (Discuss vendor risk assessment, security controls, compliance, integration.)

• "Imagine an engineering team proposes a design that introduces a known security risk to improve performance. How would you handle this situation?" (Emphasize risk communication, mitigation options, collaboration, and influencing skills.)

Company & Culture Questions:

• "What do you know about Vodafone's commitment to security and its role in the telecommunications industry?" (Research Vodafone's security initiatives, recent news, and VOIS's strategic importance.)

• "How do you see security contributing to Vodafone Business's growth and customer trust?" (Connect security to business enablement, risk reduction, and competitive advantage.)

Portfolio Presentation Strategy:

• Tell a Story: For each case study, frame it as a narrative: the problem, your proactive intervention, the solution designed and implemented, and the positive business impact.

• Visual Aids: If possible, use simple diagrams or flowcharts to illustrate architectures, threat models, or process flows. Keep them clean and easy to understand.

• Focus on Your Role: Clearly articulate your specific contributions and decision-making throughout the project.

• Be Prepared for Q&A: Anticipate questions about your choices, alternatives considered, and how you measured success. Be ready to defend your technical decisions based on security principles and risk management.

📝 Enhancement Note: Prepare to demonstrate not just technical knowledge, but also strategic thinking, problem-solving abilities, and effective communication, especially in influencing design and managing risks within a large corporate structure.

📌 Application Steps

To apply for this Secure by Design Consultant position:

• Submit your application through the official Vodafone Careers website. Ensure your resume highlights experience with SD-WAN, network security, cloud security, and Secure by Design methodologies.

• Portfolio Customization: Select 2-3 key projects that best exemplify your experience in securing network and cloud solutions. Prepare concise summaries or presentations for each, focusing on problem, solution, and impact.

• Resume Optimization: Tailor your resume to align with the keywords and responsibilities mentioned in the job description, emphasizing achievements in risk assessment, threat modeling, and secure architecture design.

• Company Research: Familiarize yourself with Vodafone's business objectives, VOIS's role, and its current technology landscape, particularly regarding SD-WAN and cloud services. Understand their stated values and commitment to security.

• Interview Practice: Rehearse answers to common technical and behavioral interview questions, focusing on your experience with specific security tools, vendors, and methodologies. Practice articulating your portfolio examples clearly and confidently.

⚠️ Important Notice: This enhanced job description includes AI-generated insights and operations industry-standard assumptions. All details should be verified directly with the hiring organization before making application decisions.