Vodafone

CYBER DEFENCE - SIEM CONTENT DEVELOPMENT SPECIALIST - VOIS

Vodafone  •  Pune, IN (Onsite)  •  2 days ago
Apply
Save Job
Mark Applied Mark Interviewed Mark Offered
Hide Job Report Job
AI can make mistakes so check important info. Chat history is never stored.
67
AI Success™

Job Description

Who we are


VOIS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value for customers by delivering intelligent solutions through Talent, Technology & Transformation.
As the largest shared services organisation in the global telco industry with 30,000 FTE, our portfolio of next-generation solutions and services are designed in partnership with customers across Vodafone Group, local markets, and partner markets to simplify and drive growth. With our strategic partner Accenture, we work alongside our Vodafone customers, other Telco and tech companies to drive transformation, meet the challenges of our industry and ensure we stay relevant and resilient. This partnership is a unique, industry-first model which brings together the best of in-house and 3rd party capability.
We work with customers across 28 countries from 10 VOIS locations: Albania, Egypt, Hungary, India, Romania, Spain, Turkey, UK, Germany, Ireland, and with a network of teams in Czech Republic, Italy, Greece, and Portugal.
#VOIS #BeUnrivalled #CreateTheFuture

About this Role


We are seeking a Cyber Defence – SIEM Content Development Specialist to strengthen Vodafone’s global Cyber Security Operations Centre (CSOC) detection capability by designing, developing and optimising security detection content across SIEM and EDR/XDR platforms. This role focuses on understanding the evolving threat landscape, translating business and security requirements into actionable detection logic, and continuously improving threat detection and response outcomes across Vodafone.

What you’ll do

  • Design, develop and fine-tune detection rules and use cases across existing and new SIEM platforms, with a strong focus on Elastic (ELK) and other leading SIEM technologies.
  • Lead and contribute to security content engineering initiatives, applying secure software development lifecycle (SDLC) and agile practices.
  • Analyse attacker behaviour, threat intelligence, MITRE ATT&CK techniques and adversary tooling to create indicator-based and behavioural detections.
  • Support and, where required, lead threat response workflows and playbook creation, ensuring seamless integration with CSOC operations.
  • Collaborate closely with log source owners, engineering teams and stakeholders to understand telemetry, risks and operational requirements, translating them into effective detection content.
  • Deliver security reporting, advisories and post-incident analysis, converting lessons learnt into measurable improvements in detection and response.
  • Maintain clear documentation, including detection logic, workflows and operational playbooks, to support consistent CSOC operations.

Who you are

  • An experienced cyber security professional with a strong background in SOC operations, SIEM content development, threat hunting or security engineering.
  • Skilled in SIEM technologies, with hands-on experience in Elastic/ELK and working knowledge of platforms such as ArcSight, Microsoft Sentinel, Splunk or Chronicle.
  • Comfortable working with cloud and endpoint telemetry across environments such as AWS, GCP and Microsoft security tooling.
  • Technically confident, with experience in programming or scripting (for example Python, SQL, JavaScript, PowerShell, KQL or ES|QL) and strong capability in regular expression development.
  • Knowledgeable in security frameworks and threat models, including MITRE ATT&CK, cyber kill chain concepts and advanced persistent threat strategies.
  • Analytical, collaborative and able to work independently, making informed decisions while building strong relationships across the security community.

Not a perfect fit?


Concerned you may not meet every requirement? Vodafone is committed to creating an inclusive workplace where everyone can thrive. If you are excited about this role but your experience does not align exactly with every aspect of the job description, you are encouraged to apply. You may be the right candidate for this or another opportunity, and the recruitment team will support you in exploring where your skills fit best.
Concerned you may not meet every requirement? Vodafone is committed to creating an inclusive workplace where everyone can thrive. If you are excited about this role but your experience does not align exactly with every aspect of the job description, you are encouraged to apply. You may be the right candidate for this or another opportunity, and the recruitment team will support you in exploring where your skills fit best.

What's in it for you


  • The opportunity to work at the heart of Vodafone’s global cyber defence capability, protecting customers and critical services at scale.

  • Exposure to complex, enterprise-level security environments and modern SIEM, EDR and XDR technologies.

  • A collaborative, inclusive environment that values continuous improvement, learning and innovation.

  • The chance to influence detection strategy and operational effectiveness across multiple markets.

What skills you will learn

  • Advanced SIEM content engineering and optimisation techniques across multiple platforms.
  • Deeper expertise in behavioural detection, threat modelling and adversary simulation.
  • Practical application of secure software development practices within cyber defence operations.
  • Enhanced stakeholder engagement and communication skills within a global security organisation.

VOIS Equal Opportunity Employer Commitment


Vodafone recognises and celebrates the value of diversity in building a workforce that reflects the customers and communities it serves. No form of discrimination is tolerated. This includes, but is not limited to, discrimination based on race, colour, age, veteran status, gender identity, gender expression, sexual orientation, pregnancy, maternity or parental status, ethnicity, disability, religion or belief, political affiliation, trade union membership, nationality, citizenship, indigenous status, medical condition, HIV status, neurodiversity, social origin, cultural background, marital or civil partnership status, or socio-economic background.

Join Us


At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this.
We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.
With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Alert


Apply for Vodafone jobs only through the official Vodafone Careers website to avoid job scams and fraud.” #JDEnhancedByTARA

Follow us on social media and #StayConnected

Vodafone

About Vodafone

At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us.

Through our technology we empower people, connecting everyone regardless of who they are or where they live, we protect the planet and help our customers do the same.

But we’re not just shaping the future of technology for our customers – we’re shaping the future for everyone who joins our team too. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable, more inclusive world.

If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities and support to help you belong and make a real impact.

#TogetherWeCan

Industry
Telecommunications
Company Size
10,000+ employees
Headquarters
London, GB
Year Founded
1982
Website
vodafone.com
Social Media