Flexa
Discover companiesFind a jobResourcesSign in/up
For employers
< Back to search
Vodafone • LISBOA, Portugal

CNAPP Platform Engineer

Employment type:  Full time
View company profile
Apply now

Job Description

Join Us

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

Global Cyber Security’s role is to inspire trust and confidence in our customers by enabling secure connectivity. Our purpose is to proactively protect Vodafone & its customers by reducing the risks posed by security threats to Vodafone’s global technology infrastructure and the sensitive data it holds.

Responsible for leading the design, integration, and optimization of enterprise DevSecOps capabilities with a primary focus on Vulnerability Management (VM), Application Security (AppSec), and Cloud-Native Application Protection Platforms (CNAPP). This role serves as a technical leader and strategic advisor driving secure-by-design practices across CI/CD pipelines and application ecosystems.

Partners closely with application engineering, cloud, and platform teams to embed security controls into development workflows, enabling scalable and automated security outcomes across hybrid and multi-cloud environments.

What you’ll do

  • Lead the design and implementation of DevSecOps frameworks integrating security into CI/CD pipelines;
  • Act as a trusted advisor to application and platform teams, influencing secure coding, build, and deployment practices;
  • Define and drive security guardrails, standards, and patterns for cloud-native and application environments;
  • Serve as the primary technical owner for CNAPP platforms, including onboarding, configuration, policy management, and optimization;
  • Integrate CNAPP insights into engineering workflows, ticketing systems, and reporting dashboards;
  • Drive enterprise VM strategy for cloud, container, and application layers;
  • Advance risk-based prioritization and remediation workflows integrated into CI/CD and developer tools;
  • Partner with engineering teams to reduce mean time to remediation (MTTR) and improve vulnerability posture;
  • Oversee integration and tuning of SAST, DAST, SCA, and container scanning tools within pipelines;
  • Architect and implement security tooling integrations into CI/CD pipelines, ensuring minimal developer friction;
  • Enable shift-left security practices with automated checks, policy enforcement, and feedback loops;
  • Collaborate with DevOps teams to standardize pipeline security templates and reusable modules;
  • Work closely with cloud engineering, SRE, infrastructure, and application teams to align on security priorities;
  • Influence vendor strategy and tool selection for DevSecOps and CNAPP capabilities;
  • Represent security in architecture reviews, change control boards, and major transformation initiatives;
  • Define and track KPIs such as vulnerability aging, pipeline coverage, and policy compliance;
  • Lead continuous improvement initiatives to enhance automation, scalability, and developer experience.

Who you are

  • BA/BS in Information Systems, Computer Science, or related field;
  • Strong knowledge across multiple domains, including: Cloud Security (AWS, Azure, GCP), Application Security (SAST, DAST, SCA, IaC), Secrets Scanning, API Security, Cloud Security, Container & Kubernetes Security, Vulnerability Management & Risk Prioritization and Security Architecture & Design;
  • Experience with infrastructure-as-code (IaC) security, API integrations, and automation scripting;
  • Demonstrated ability to partner with engineering teams and influence security adoption without direct authority;
  • Experience driving enterprise-wide security initiatives and standards;
  • Knowledge of Wiz, Prisma Cloud, ICS (Rapid7) (CNAPP), Qualys, MEND, SonarQube (AppSec);
  • Understanding of CI/CD platforms (GitHub AS, GitLab, SonarQube, Jenkins) and DevOps and Agile methodologies;
  • Security certifications preferred (e.g., CISSP, CCSP, CSSLP, GWAPT, GCSA);
  • Fluency in English.

Not a perfect fit?

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity.

What's in it for you

  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders;
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products;
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors;
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products;
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing, Skillsoft and Speexx);
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles.

Who we are

We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.

Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance.

Together we can.

Apply now

Company benefits

UK (28), India (22), Egypt (21), Hungary (20), Romania (20), Albania (22), Turkey (14) days annual leave + bank holidays
Work from anywhere scheme – work for up to 20 days/year abroad (dependant on country)
Annual bonus – dependant on company performance
Employee discounts
Personal development days – once per quarter
Learning platform – access to Harvard Business Publishing, MIT Horizon and Skillsoft
Enhanced maternity leave – 16 weeks (paid) with a phased return to work over 6 months
Enhanced paternity leave – 16 weeks (paid) with a phased return to work over 6 months
Volunteer days – up to 5 days
Coaching – access to a free certified internal pool of coaches
Mentoring
Carer’s leave
Adoption leave – 16 weeks (paid) with a phased return to work over 6 months
Enhanced sick days
Mental health platform access
Mental health first aiders
Employee assistance programme
Complimentary Medical Services – 24/7 online doctor service
Compassionate leave
Home office set up
Buddy scheme
Referral bonus
Early finish Fridays
Buy or sell annual leave
Cycle to work scheme
Life insurance
Sabbaticals
Salary sacrifice
Share options
Teambuilding days
Faith rooms
Enhanced pension match/contribution
Learning license

Working at Vodafone

Company employees:

85,887

Gender diversity (m:f):

61:39

Hiring in countries

Albania

Australia

China

Czechia

Democratic Republic of the Congo

Denmark

Egypt

Germany

Greece

Hungary

India

Ireland

Italy

Awards & Accreditations

1st – Most loved - Large companies

1st – Most loved - Large companies

Flexa awards 2026
1st - Most Inclusive Company

1st - Most Inclusive Company

Flexa awards 2026
Most Flexible Company

Top 5 - Most Flexible Company

Flexa awards 2026

Other jobs you might like

  • Vodafone

    CNAPP Platform Engineer

    LISBOA, Portugal

    #1 MOST LOVED - ENTERPRISE COMPANIES
  • Vodafone

    CNAPP Operations Manager

    LISBOA, Portugal

    #1 MOST LOVED - ENTERPRISE COMPANIES
Flex spring

Join the mailing list

Get the latest insights and expert guidance on job hunting, career progression, and creating thriving workplaces.

Enter your email
  • About us
  • Contact us
  • FAQs
  • Info for employers
  • Join Flexa
  • Legal
  • Live feed
  • Pioneer awards
  • Resources
  • Sign in/up
  • The Flexa awards
Flexa

Luxembourg

Malaysia

Portugal

Romania

South Africa

Spain

Sweden

Tanzania

Türkiye

United Kingdom

United States

Office Locations

  • Vodafone

    CNAPP Platform Operations

    LISBOA, Portugal

    #1 MOST LOVED - ENTERPRISE COMPANIES
  • Vodafone

    CNAPP Platform Operations

    LISBOA, Portugal

    #1 MOST LOVED - ENTERPRISE COMPANIES
  • Tesco

    Head of Platform Security

    Welwyn Garden City, UK