
SIEM content developer Specialist - VOIS
Job Description
Who we are
VOIS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value for customers by delivering intelligent solutions through Talent, Technology & Transformation.
As the largest shared services organisation in the global telco industry with 30,000 FTE, our portfolio of next-generation solutions and services is designed in partnership with customers across Vodafone Group, local markets, and partner markets to simplify and drive growth. With our strategic partner Accenture, we work alongside our Vodafone customers, other Telco and tech companies to drive transformation, meet the challenges of our industry and ensure we stay relevant and resilient. This partnership is a unique, industry-first model which brings together the best of in-house and 3rd party capability.
We work with customers across 28 countries from 10 VOIS locations: Albania, Egypt, Hungary, India, Romania, Spain, Turkey, UK, Germany, Ireland, and with a network of teams in Czech Republic, Italy, Greece, and Portugal.
#VOIS #BeUnrivalled #CreateTheFuture
About this Role
We are seeking a highly experienced SIEM Content Development Specialist to join our Cyber Defence Operations team in India (Pune/Bangalore). This role is central to enhancing Vodafone’s detection capabilities by developing custom detection rules in SIEM solutions, aligned with threat intelligence and business requirements. The individual will contribute to the success of the Cyber Security Operations Centre (CSOC) through advanced content engineering, threat response, and collaboration across global teams.
What you’ll do
- Lead and contribute to SIEM content development and tuning across existing and new platforms.
- Develop and integrate threat response workflows and playbooks.
- Deliver cyber security reports and advisories to key stakeholders.
- Conduct post-incident analysis and convert findings into actionable improvements.
- Collaborate with log source owners and stakeholders to translate requirements into effective detection content.
- Create behavioural-based detections to identify and prevent malicious activity.
- Maintain documentation including playbooks and workflows for the SIEM Content Development Team.
- Drive security content development projects using SDLC and Agile methodologies.
- Provide technical leadership and project management support where required.
Who you are
- Minimum 10 years of experience in Security Operations, Content Development, Threat Intelligence, and Security Engineering.
- Strong background in SDLC and Agile frameworks.
- Proficient in SIEM technologies, especially Elastic Security/ELK, ArcSight, Microsoft Sentinel, Splunk, Chronicle.
- Skilled in cloud platforms including AWS, GCP, Azure, and Oracle.
- Experienced in threat scenario creation and detection rule development.
- Advanced programming skills in Python, SQL, JavaScript, PowerShell, KQL, ES|QL.
- Strong understanding of MITRE ATT&CK, cyber kill chain, and APT strategies.
- Expertise in regular expressions and security event analysis.
- Knowledgeable in networking protocols, security devices, and cyber risk management.
- Holds certifications such as CISSP, GCIH, GCIA or equivalent.
- Degree in Information Technology, Engineering or related field.
Not a perfect fit?
Concerned you may not meet every requirement? Vodafone is committed to creating an inclusive workplace where everyone can thrive. If you are excited about this role but your experience does not align exactly with every aspect of the job description, you are encouraged to apply. You may be the right candidate for this or another opportunity, and the recruitment team will support you in exploring where your skills fit best.
What's in it for you
- Opportunity to work at the forefront of global cyber defence operations.
- Exposure to cutting-edge SIEM and cloud technologies.
- Collaborative work environment with global security experts.
- Leadership opportunities in content development and threat response.
- Contribution to Vodafone’s mission to protect customers against cyber risks.
What skills you will learn
- Advanced SIEM content engineering and threat detection techniques.
- Cross-functional collaboration and stakeholder engagement.
- Agile project management and SDLC practices.
- Deep threat intelligence analysis and behavioural detection modelling.
- Technical documentation and playbook development.
VOIS Equal Opportunity Employer Commitment
Vodafone recognises and celebrates the value of diversity in building a workforce that reflects the customers and communities it serves. No form of discrimination is tolerated. This includes, but is not limited to, discrimination based on race, colour, age, veteran status, gender identity, gender expression, sexual orientation, pregnancy, maternity or parental status, ethnicity, disability, religion or belief, political affiliation, trade union membership, nationality, citizenship, indigenous status, medical condition, HIV status, neurodiversity, social origin, cultural background, marital or civil partnership status, or socio-economic background.
Join Us
At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this.
We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.
With us, you can truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.
Alert
Apply for Vodafone jobs only through the official Vodafone Careers website to avoid job scams and fraud.
#JDEnhancedByTARA

