Threat and Vuln Senior Specialist

Vodafone Limited

Salary Not Specified

Vodafone Limited, Kiltyrie, Perth and Kinross

  • Full time
  • Permanent
  • Remote working

Posted 1 week ago, 6 Sep

Closing date: Closing date not specified

Job Ref: 5d7d2aec3a1440c79251d2fc51fae9b9

Full Job Description

Role Title: Threat and Vulnerabilities Senior Specialist
Location: UK

Role Purpose

Vodafone's Group Cyber Defence team reduces the risk and impact of global cyber threats to Vodafone and our customers.
The Threat and Vulnerabilities Senior Specialist is responsible for supporting the Cyber Defence Vertical teams on the most critical topics related to threats and vulnerabilities. In particular, the Senior Specialist will give senior advice in managing vulnerability-led cyber incidents, provide direction on zero days, support strategic decisions on risk-led prioritization of vulnerabilities, and use all tools available from Cyber Defence/OSINT Tools to carry out independent assurance of the effectiveness of the controls in place to prevent incidents (e.g. Vulnerability coverage, Responsible Disclosure). The Senior Specialist will be actively involved in the broader Cyber Security community and will actively support information-sharing initiatives with other entities led by the Cyber Threat Unit.

What you'll do

Key accountabilities and decision ownership:

  • Supporting vulnerability-led incidents

  • Senior advisor for central teams and local markets for vulnerability related topics

  • Supporting risk-led vulnerability prioritization

  • Second line assurance on effectiveness of Cyber Defence tooling to detect threats and vulnerabilities

  • Contribute to the wider Cyber Security Community for vulnerability topics on behalf of Vodafone


Who you are

Core technical competencies; able to demonstrate experience of:

  • Significant experience in the vulnerability management and penetration testing field. Demonstrable experience and knowledge in one or more of the following is mandatory:

  • Ability to quickly dig into complex technical concepts and distil for less technical audiences.

  • Vulnerability scanning and management tools - both to understand the use of and an ability to explain the need for; combined with an awareness of leading on guidance at Vodafone scale and complexity.

  • SME advice and providing concise technical briefings at a leadership and senior stakeholder level that drive decision making and response.

  • Support Red Teaming activities with external suppliers where needed and identify internal pentesting activities on critical areas to improve the security posture.

  • Creation of technical reporting to describe particular types of vulnerabilities, impacts and mitigations.

  • Red Team and Penetration testing methodologies and tools - both to understand the use of and an ability to explain the need for; combined with an awareness of leading on guidance at Vodafone scale and complexity

  • Expert-level understanding of operating system and software vulnerabilities and exploitation techniques.

  • Must have web application vulnerabilities and exploitation techniques knowledge, covering the OWASP Top 10 as a minimum.


Core leadership competencies; able to demonstrate experience of:

  • Applied thinking and analysis to new situations.

  • Identifying, building, and maintaining effective relationships through influencing, collaboration, and liaison across relevant stakeholders globally.

  • Analytical, communication and senior/executive stakeholder management skills.

  • Creation, delivery and maintenance of high-quality technical reporting and remediation guidelines on identified technical issues.

Experience and knowledge in one or more of the following is desirable:

  • Knowledge and experience in testing telecom technologies and infrastructure devices such as SIP, SS7, IN, Packet core infrastructure (GGSN/SGSN)

  • Experience in developing in-house tools or scripts to improve delivery and facilitate testing operations.

  • Ability to perform targeted penetration tests with vulnerability identification, exploitation, and post-exploitation activities with no or minimal use of automated tools.


What's in it for you

    Discretionary yearly bonus: 10%
    Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
    Charity days: 5 days/year
    Maternity leave: 52 weeks out of which 39 weeks are fully paid + 13 weeks half pay and 6 months - working 4 days, getting paid 5
    Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
    Access to: private medical, private dental, free health assessments, share save scheme
    Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

    Who we are

    You may have already heard of Vodafone - We're a leading Telecommunications company in Europe and Africa. But what you might not know is that we are continuously investing in new technologies to improve the lives of millions of customers, businesses and people around the world, creating a better future for everyone.

    As part of our global family, whether that's Vodafone, Vodacom or _VOIS, you'll feel a sense of pride and purpose as you contribute to our culture of innovation. We pursue equality of opportunity and inclusion for all candidates through our employment policies and practices. We recognise and celebrate the importance of diversity and inclusivity in our workspace and we do not tolerate any form of discrimination especially related to but not limited to race, colour, age, veteran status, gender identification, sexual orientation, pregnancy, ethnicity, disability, religion, political affiliation, trade union membership, nationality, indigenous status, medical condition, HIV status, social origin, cultural background, social, or marital status.

    Together we can.
