VodafoneThree - Cyber Onboarding Engineer
Job description
As a Cyber Onboarding Engineer you are key to the successful delivery of Cyber Services for both Vodafone and its customers. You are self-motivated with a strong interest in Cyber Security and can enhance detection content for our SOC Team, enabling them to provide high-quality monitoring of SIEM systems, managed firewall & IPS services and much more.
This role offers full project lifecycle involvement ensuring you will develop an understanding of our customers, their risks and concerns and work collaboratively with them to create relevant SIEM content that supports agreed use-cases and threat models. You have the ability to ensure feeds into the SIEM are iteratively enhanced, writing custom IDS/IPS rules to improve detection capabilities or assisting with Vulnerability Scanning activities.
You are curious, organised and have great attention to detail with the ability to work in a collaborative environment and on your own if necessary. Knowledge of MITRE ATT&CK and previous experience mapping existing SIEM content to this framework are a definite plus.
- Comfortable writing Regular Expressions (regex)
- Produce/Enhance/Refine Monthly Reports for internal and external audiences
- Configure/Tune SIEM content, Managed Firewalls and IPS systems
- Monitor Threat Intelligence - internal, open source and commercial feeds
- Interact with other Cyber Defence, Security and Incident Response teams, within Vodafone, with customers and suppliers.
We are regulated by the Financial Conduct Authority and all offers of employment for this role are subject to background checks, including criminal (DBS) and financial checks to meet the regulator's standards.
If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, a sign language interpreter, or assistive technology, please refer to the Accessibility section of our Careers website (https://careers.vodafone.com/uk/applying-to-us/) for guidance.
We use AI in different parts of our business to boost innovation, improve efficiency, and create new opportunities. We know many candidates use AI to fine-tune their CVs or prepare for interviews, but what we really care about is your unique experiences and achievements.
During the interview, we want you to rely on your own knowledge and skills to show us who you really are: your personality, creativity, and abilities. Above all, we're looking for authenticity and can't wait to get to know the real you.
Requirements
Do you have experience in Scripting?
- Experience of SIEM content creation in a SOC environment
- Ability to interpret logs and events and identify patterns of behaviour, indications of compromise
- MITRE ATT&CK and other cyber frameworks
- IT and Network Security - Windows, Linux, Firewalls, IPS, Security Appliances.
- Experience of programming or scripting (e.g. Python, C, Java, Bash)
- Educated to degree level or equivalent experience
- Must be able to maintain DV security clearance
Benefits & conditions
- Employee discount
- Company pension
- Paid volunteer time
We care about our people's success by offering great pay, bonuses, up to 28 days off plus bank holidays, and paid time for charity work. You can personalise our benefits for you and your family, like discounts, vouchers, a pension plan and loads more. We help with your career through our amazing learning tools and top-notch parental leave policies.