Would you like to be part of our new adventure? Vodafone Group is launching its new technological HUB, an international center of excellence dedicated to research and development of technical solutions, such as Secure Networks, 5G and 6G development, Open RAN, IoT, MPN & MEC and UCC for Vodafone Business, platforms and enterprise solutions. Come and join us to create the future together!
The Cybersecurity Threat Expert is a highly skilled cybersecurity specialist responsible for managing core and advanced Security Operations Centre (SOC) services, modular security services, and advisory and security consultancy services of the Vodafone Business Central Security Operations Centre (VB Central SOC). He/she will provide efficient, innovative, and leading-edge security guidance and offer key input to operate, evolve, and scale the VB Central SOC security services. This individual will be part of a team of engineering experts and L3 security specialists responsible for the continuity and availability of the VB Central SOC's key platform components, maintaining the infrastructure according to best practices, and keeping it up to date against potential future cyber threats.
The responsibilities include:
1. Accountable for the setup and delivery of the core SOC services in the Vodafone Business Central SOC, working in partnership with the L1/L2 Central SOC teams and other SOCs, Vodafone Business and Technology functions.
2. To deploy, configure, and maintain security tools and platforms, including SIEM, SOAR, DLP solutions, NG Firewalls, IPS, WAF, EDR/XDR.
3. To define and maintain the quality and effectiveness of cybersecurity processes, taking responsibility for implementing improvements in a timely manner.
4. To develop open-source and vendor-based threat life-cycle tools and define best practices to perform threat detection and analysis and manage incident response.
5. To effectively use threat intelligence services and malware sandboxes for hunting new and advanced malware threats.
What you bring:
1. 5+ years of experience in performing hands-on security engineering, consulting, penetration testing, and/or adversary simulation, red teaming exercises, vulnerability assessments in complex operational ICT environments.
2. Experienced in SIEM (QRadar, Splunk, Sentinel, Chronicle, McAfee, CryptoSIM, Logsign, etc.) and SOAR products.
3. Experience working in an industry-standard SOC or similar environment, providing incident handling and response, intrusion detection, analysis, cyber threat intelligence, threat determination, and mitigations processing and tracking.
4. Experience developing detection logic for enterprise SIEM systems and with exploitation techniques and use case development, as well as experience in detecting and responding to malicious activity using log data and alerts from cybersecurity solutions, systems, and network devices.
5. Experience of incident response processes and threat intelligence cycles, including understanding of IP network traffic, security vulnerabilities, different exploitation techniques, and malware behaviours (including communications protocols).