Would you like to be part of our new adventure? Vodafone Group is launching its new technological HUB (MSH), an international center of excellence dedicated to research and development of technical solutions, such as Secure Networks, 5G and 6G development, Open RAN, IoT, MPN & MEC and UCC for Vodafone Business, platforms and enterprise solutions.
Come and join us to create the future together!
The Cybersecurity Threat Expert is a highly skilled specialist who will manage core and advanced SOC services, modular security services, and advisory and security consultancy services of the Vodafone Business Central Security Operations Centre (VB Central SOC). He/she will give efficient, innovative and leading-edge security guidance and provide key input to operate, evolve and scale the VB Central SOC security services. He/she will be part of a team of engineering experts and Tier-3 security specialists responsible for the continuity and availability of the VB Central SOC key platform components, maintaining the infrastructure according to best practices and keeping it up to date against potential future cyber threats. The role has the following responsibilities:
1. Set up and deliver core SOC services in the Vodafone Business Central SOC, collaborating with L1/L2 Central SOC teams and other SOCs.
2. Deploy, configure, and maintain security tools and platforms (SIEM, SOAR, DLP, NG Firewalls, IPS, WAF, EDR/XDR).
3. Define and improve cybersecurity processes, ensuring timely enhancements.
4. Develop threat lifecycle tools and best practices for threat detection, analysis, and incident response.
5. Use threat intelligence services and malware sandboxes for advanced threat hunting.
6. Manage and maintain internal SOC operations.
What you bring
1. Bachelor’s degree in engineering (preferably Electronics or Computer Engineering).
2. 3+ years in security engineering, consulting, penetration testing, red teaming, and vulnerability assessments in complex ICT environments.
3. Strong understanding of attacker tools, tactics, and techniques, with knowledge of MITRE ATT&CK and MITRE Shield.
4. Proficient in SIEM (QRadar, Splunk, Sentinel, Chronicle, McAfee, CryptoSIM, Logsign) and SOAR products.
5. Experience with threat modeling (STRIDE, PASTA, FAIR, Security Cards), operational threat intelligence, and attack frameworks (MITRE ATT&CK, Cyber Kill Chain).
6. Proficient in scripting/programming languages (Java, Bash, Python, PowerShell).
7. Experience with security technologies like Firewalls, IDS, IPS, and VPC.
8. CISSP, CISM, OSCP or CEH level is expected.