Telco SIEM Content Development Specialist

at Vodafone

Newbury, England, United Kingdom

Start Date: Immediate
Expiry Date: 24 Jan, 2025
Salary: Not Specified
Posted On: 24 Oct, 2024
Experience: N/A
Skills: Switches, Google Cloud, Network Architecture, Communications, Security Devices, Design, Firewalls, Communication Skills, Cloud, Risk Analysis
Telecommute: No
Sponsor Visa: No

Description:

Role Purpose:
We are seeking a skilled Telecoms SIEM Content Developer to join our team and play a pivotal role in enhancing the security of our telecoms infrastructure. This role involves creating, managing, and maintaining SIEM content specific to telecoms devices and networks to detect and respond to security threats effectively.
Cyber Defence Operations (CDO) is Vodafone Group’s Cyber Defence Operations Centre of Excellence.

CDO’s mission is to protect Vodafone customers against global cyber risk. CDO is specifically accountable for delivering:

  • Cyber Defence operational leadership across Vodafone.
  • Cyber Defence operational capabilities to Vodafone Group, the Local Market Operating Companies, and Partner Markets to enhance Vodafone’s global cyber defence posture and reduce its cyber risk.

The Telecoms SIEM Content Development Specialist works in the Cyber Security Operations Team. This role is at the heart of the CDO team, and a Telecoms SIEM Content Development Specialist can expect to be involved concurrently in a number of the following areas:

  • Content Development – Create, customize, and maintain SIEM rules, alerts, and correlation policies tailored to telecoms devices and network elements, ensuring timely threat detection and response.
  • Threat Analysis – Analyse security event data to identify potential security incidents and vulnerabilities specific to the telecoms environment.
  • Security Analytics – Takes part in security event analysis activity to defeat cyber threats.
  • Log Integration – Assist in configuration of log sources for telecoms devices and network components, ensuring comprehensive data collection for analysis.
  • Documentation – Maintain clear and up-to-date documentation of SIEM content, configurations, and telecoms-specific threat intelligence.
  • Compliance – Ensure that SIEM content aligns with regulatory and industry compliance standards relevant to telecoms.
  • Continuous Improvement – Stay up-to-date with emerging threats, trends, and technologies in the telecoms security landscape and incorporate best practices into SIEM content.
  • Security Reporting and Advisories – Takes part in, and may lead, the delivery of cyber security reports and advisories to all key stakeholders.
  • Residual Risk Assessment – Takes part in the delivery of ‘operational and technical’ lessons learnt post incident analysis and reporting.

The Telecoms SIEM Content Development Specialist will be expected to operate with minimal supervision and to be able to make quick independent decisions. This role requires the ability to build strong relationships across the Vodafone security community.

WHO WE ARE

You may have already heard of Vodafone: we’re a leading telecommunications company in Europe and Africa. But what you might not know is that we are continuously investing in new technologies to improve the lives of millions of customers, businesses and people around the world, creating a better future for everyone.
As part of our global family, whether that’s Vodafone, Vodacom or _VOIS, you’ll feel a sense of pride and purpose as you contribute to our culture of innovation. We pursue equality of opportunity and inclusion for all candidates through our employment policies and practices. We recognise and celebrate the importance of diversity and inclusivity in our workspace and we do not tolerate any form of discrimination especially related to but not limited to race, colour, age, veteran status, gender identification, sexual orientation, pregnancy, ethnicity, disability, religion, political affiliation, trade union membership, nationality, indigenous status, medical condition, HIV status, social origin, cultural background, social, or marital status.
Together we can.


Responsibilities:

WHAT YOU’LL DO

  • Content Development – Create, customize, and maintain SIEM rules, alerts, and correlation policies tailored to telecoms devices and network elements, ensuring timely threat detection and response.
  • Threat Response – Takes part in, and may lead, a Threat Action Group to defeat cyber threats.
  • Security Reporting and Advisories – Takes part in, and may lead, the delivery of cyber security reports and advisories to all key stakeholders.
  • Residual Risk Assessment – Takes part in, and may lead, the delivery of ‘operational and technical’ lessons learnt post incident analysis and reporting.
  • Collaborating with data owners and customers on understanding data sources and use cases, and successfully translating requirements to actionable content.



REQUIREMENT SUMMARY

Min: N/A, Max: 5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Software Engineering

Graduate

Proficient

1

Newbury, United Kingdom