
SIEM Content Development Specialist - Cyber Defence - VOIS
Job Description
Who we are
VOIS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value for customers by delivering intelligent solutions through Talent, Technology & Transformation.
As the largest shared services organisation in the global telco industry with 30,000 FTE, our portfolio of next-generation solutions and services is designed in partnership with customers across Vodafone Group, local markets, and partner markets to simplify and drive growth. With our strategic partner Accenture, we work alongside our Vodafone customers, other Telco and tech companies to drive transformation, meet the challenges of our industry and ensure we stay relevant and resilient. This partnership is a unique, industry-first model which brings together the best of in-house and 3rd party capability.
We work with customers across 28 countries from 10 VOIS locations: Albania, Egypt, Hungary, India, Romania, Spain, Turkey, UK, Germany, Ireland, and with a network of teams in Czech Republic, Italy, Greece, and Portugal.
About this Role
We are seeking a SIEM Content Development Specialist to strengthen Cyber Defence detection capabilities within the Cyber Security Operations Centre (CSOC). The role focuses on developing and refining SIEM detection content, leveraging knowledge of threat landscapes, MITRE ATT&CK techniques, and organisational risks. The individual will work closely with stakeholders to create actionable detection logic, enhance threat visibility, and improve response efficiency across Vodafone’s cyber defence ecosystem.
What you’ll do
Design, develop, and optimise SIEM detection content across existing and new platforms
Lead and contribute to SIEM content engineering initiatives, applying SDLC and Agile methodologies
Continuously refine detection rules and logic to improve SOC efficiency and effectiveness
Develop and integrate threat response workflows and playbooks
Conduct threat analysis to design behavioural and indicator-based detection use cases
Collaborate with log source owners to translate business and technical requirements into actionable SIEM content
Deliver cyber security reports and advisories to key stakeholders
Perform post-incident analysis and drive improvements through actionable insights
Support EDR/XDR detection engineering and tuning activities
Create and maintain technical documentation, workflows, and operational playbooks
Who you are
Experienced professional with 10+ years in SOC operations, SIEM content development, threat hunting, or security engineering
Skilled in SIEM technologies, particularly Elastic/ELK, with knowledge of platforms such as Splunk, Sentinel, ArcSight, or Chronicle
Proficient in programming and scripting (e.g., Python, SQL, JavaScript, PowerShell, KQL, ES|QL)
Strong understanding of cloud environments (AWS, Azure, GCP) and associated telemetry
Experienced in developing detection use cases and threat scenarios aligned with MITRE ATT&CK and cyber kill chain frameworks
Competent in Regex and data analysis techniques
Knowledgeable in networking concepts (TCP/IP, CIDR, subnets) and security tools (IDS/IPS, firewalls, AV systems)
Strong analytical, problem-solving, and communication skills
Able to work independently, prioritise tasks, and collaborate effectively across teams
Certifications such as CISSP or SANS (e.g., GCIH, GCIA) are advantageous
Not a perfect fit?
Concerned you may not meet every requirement? Vodafone is committed to creating an inclusive workplace where everyone can thrive. If you are excited about this role but your experience does not align exactly with every aspect of the job description, you are encouraged to apply. You may be the right candidate for this or another opportunity, and the recruitment team will support you in exploring where your skills fit best.
What's in it for you
Opportunity to work at the core of global cyber defence operations
Exposure to advanced SIEM, EDR, and XDR technologies and large-scale security environments
Collaboration with global cyber security experts and stakeholders
Continuous learning through evolving threat landscapes and modern security frameworks
Opportunity to contribute to meaningful risk reduction initiatives across Vodafone
What skills you will learn
Advanced SIEM content engineering and detection optimisation techniques
Practical implementation of MITRE ATT&CK and threat intelligence frameworks
Cyber threat analysis, behavioural detection modelling, and incident response improvements
Cloud security monitoring and telemetry integration
Cross-functional collaboration and stakeholder communication within global security environments
VOIS Equal Opportunity Employer Commitment
Vodafone recognises and celebrates the value of diversity in building a workforce that reflects the customers and communities it serves. No form of discrimination is tolerated. This includes, but is not limited to, discrimination based on race, colour, age, veteran status, gender identity, gender expression, sexual orientation, pregnancy, maternity or parental status, ethnicity, disability, religion or belief, political affiliation, trade union membership, nationality, citizenship, indigenous status, medical condition, HIV status, neurodiversity, social origin, cultural background, marital or civil partnership status, or socio-economic background.
Join Us
At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this.
We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.
With us, you can truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.
Alert
Apply for Vodafone jobs only through the official Vodafone Careers website to avoid job scams and fraud.
