Cyber Defence Incident Manager

United Kingdom, Newbury · Employment contract · Job posted May 27, 2026

Job Description

At Vodafone Cyber Security, we help our customers to remain secure and resilient in a world of increasingly sophisticated cyber-attacks. We offer a unique combination of highly resilient networks, enterprise-class cloud platforms, advanced security systems and expert advice, helping limit the risks of a mobile workforce, such as commercial losses, regulatory breaches or threats to individuals, whilst enabling productivity and employee satisfaction. Joining us as an Associate Cyber Defence Incident Manager, you can be part of our empowering Cyber Security function.

The role of a Cyber Defence Incident Manager is to provide efficient incident response and remediation to minimise the impact of cyber risks. The incident manager will oversee cyber incident coordination through an extended community of global security professionals. They will provide guidance and governance for incident response containment, eradication and remediation activities. The role requires a good understanding of cyber risk and the ability to make quick, effective decisions in fast-paced and complex environments.

Job Responsibility

  • Coordinate and lead the response to cyber security incidents, including crisis level incidents
  • Chair incident calls and brief colleagues during stand-up meetings
  • Produce meeting minutes and incident status reports
  • Track and progress incident actions
  • Continually update our digital incident management application
  • Engage with stakeholders to get to the root cause of incidents
  • Influence stakeholders to implement required security controls and improvements
  • Lead post-incident reviews while highlighting lessons learned and improvements
  • Own incident management reporting including written reports and KPIs for incidents you are leading
  • Provide 24/7 on-call support on rotation

Requirements

  • Passion and curiosity, and being a self-starter
  • Excellent communication skills, both verbal and written
  • Attention to detail, strong analytical skills and efficient problem solving
  • Cultural sensitivity and social flexibility in a global corporate environment
  • Knowledge and experience in cyber security with a desire to learn more
  • Knowledge of security controls and incident response capabilities
  • An understanding and experience of implementing the SANS 6 Steps for incident management
  • Experience of working within a global and multi-cultural company
  • An ability to work under pressure in fast-paced environments

What we offer

  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

Similar Jobs for Cyber Defence Incident Manager

8 matching positions

Senior Cyber Incident Management, Operations & Response Specialist - VOIS

We are seeking a Senior Cyber Incident Management, Operations and Response Speci...
Location: India, Bangalore
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • 7+ years of experience in a Security Operations Centre, operating at senior analyst level
  • Strong expertise in SIEM platforms (such as ArcSight, Splunk, QRadar or LogRhythm)
  • Proven experience in security incident investigation, response and management
  • Understanding of malware behaviour, advanced persistent threats and complex attack techniques
  • Skilled in SIEM correlation logic, rule tuning and detection optimisation
  • Ability to create structured workflows, playbooks and triage processes
  • Confident mentoring, coaching and motivating analysts within the team
  • Strong written and verbal communication skills, including the ability to present technical findings to senior stakeholders
  • Degree in Computer Science, Information Technology, Engineering or a related field
  • Prior experience in cloud technologies and the information security domain
Job Responsibility
  • Investigate, analyse and accurately triage security alerts and incidents across CSOC platforms
  • Perform deep-dive incident analysis, identify root causes and assess business risk
  • Lead daily stand-ups and act as an escalation point for functional and technical queries from Cyber Defence Analysts
  • Produce clear, high-quality technical and operational reports for stakeholders
  • Maintain and continuously enhance alert triage quality and operational deliverables
  • Develop, document and maintain playbooks, runbooks, SOPs, KEDB articles and knowledge base content
  • Proactively fine-tune detection rules and identify opportunities for alert reduction and effort optimisation
  • Monitor and protect digital systems against unauthorised access, modification or data loss
  • Analyse security breaches and recommend appropriate tools, controls and countermeasures
  • Collaborate closely with Local Market CSIRT teams to manage ongoing cases and reduce backlog
What we offer
  • Opportunity to work at the forefront of cyber defence within a global telecommunications organisation
  • Exposure to complex threat landscapes and enterprise-scale security environments
  • A role that combines technical depth with leadership, mentoring and operational ownership
  • The ability to influence detection strategy, incident response quality and process maturity
  • Fulltime

Cyber Defence Analyst

We are seeking a skilled and proactive Cyber Defence Analyst to join our Securit...
Location: India, Bangalore
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Minimum 3 years of experience in Cyber Security, SOC operations, SIEM, and incident management
  • Strong understanding of network and security concepts and SIEM technologies (e.g., ArcSight, Splunk, QRadar, LogRhythm)
  • Holds industry-recognised certifications such as CEH, CCNA Cyber Ops, Security+
  • Excellent analytical and communication skills
  • Degree in Computer Science, Information Technology, Engineering, or a related field
  • Experience in global customer handling and event analysis
  • Demonstrates integrity, self-motivation, and cultural sensitivity
Job Responsibility
  • Investigate, analyse, and triage security alerts using CSOC tools
  • Document event and case analysis in the incident management system and manage cases through closure
  • Perform historical analysis of detected events and support incident managers
  • Participate in daily stand-up calls and contribute to knowledge base development
  • Collaborate with local market CSIRT teams and ensure effective communication across global teams
  • Proactively reduce alert volumes through fine-tuning and process stabilisation
  • Communicate emerging threats and malware behaviours clearly to stakeholders
  • Ensure mitigation measures are in place to reduce spam and phishing alerts
  • Maintain composure under pressure and respond effectively during emergencies
What we offer
  • Opportunity to work in a global 24/7 cyber defence environment
  • Exposure to advanced security tools and technologies
  • Collaboration with international teams and senior security experts
  • Contribution to Vodafone’s mission to protect digital assets and infrastructure
  • A dynamic and inclusive workplace that values continuous learning and innovation

L1 Cyber Defence Analyst

We are seeking a skilled and proactive Cyber Defence Analyst to join our Securit...
Location: India, Pune
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Minimum 3 years of experience in Cyber Security, SOC operations, SIEM, and incident management
  • Strong understanding of network and security concepts and SIEM technologies (e.g., ArcSight, Splunk, QRadar, LogRhythm)
  • Holds industry-recognised certifications such as CEH, CCNA Cyber Ops, Security+
  • Excellent analytical and communication skills
  • Degree in Computer Science, Information Technology, Engineering, or a related field
  • Experience in global customer handling and event analysis
  • Demonstrates integrity, self-motivation, and cultural sensitivity
Job Responsibility
  • Investigate, analyse, and triage security alerts using CSOC tools
  • Document event and case analysis in the incident management system and manage cases through closure
  • Perform historical analysis of detected events and support incident managers
  • Participate in daily stand-up calls and contribute to knowledge base development
  • Collaborate with local market CSIRT teams and ensure effective communication across global teams
  • Proactively reduce alert volumes through fine-tuning and process stabilisation
  • Communicate emerging threats and malware behaviours clearly to stakeholders
  • Ensure mitigation measures are in place to reduce spam and phishing alerts
  • Maintain composure under pressure and respond effectively during emergencies
What we offer
  • Opportunity to work in a global 24/7 cyber defence environment
  • Exposure to advanced security tools and technologies
  • Collaboration with international teams and senior security experts
  • Contribution to Vodafone’s mission to protect digital assets and infrastructure
  • A dynamic and inclusive workplace that values continuous learning and innovation

Cyber Defence Analyst

We are seeking a Cyber Defence Analyst to join our Cyber Security Operations Cen...
Location: India, Pune
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Minimum 3 years of experience in Cyber Security, SOC operations, SIEM technologies, and incident management
  • Strong understanding of networking and security concepts, with hands-on experience in SIEM tools such as ArcSight, Splunk, QRadar, or LogRhythm
  • Industry-recognised certifications such as CEH, CCNA Cyber Ops, or Security+
  • Excellent analytical and communication skills, with the ability to follow defined triage playbooks
  • Knowledge of cybersecurity threats, attack techniques, and operational monitoring of security events
  • Degree in Computer Science, Information Technology, Engineering, or equivalent
  • Experience in global customer handling and a reputation for integrity and cultural sensitivity
Job Responsibility
  • Act as a frontline cyber defender, ensuring protection of digital assets from unauthorised access
  • Investigate, analyse, and triage security alerts using CSOC tools and processes
  • Document event analysis and maintain case ownership until closure
  • Perform historical analysis of detected events and support incident managers during critical situations
  • Participate in daily stand-up calls and contribute to knowledge base articles
  • Collaborate with global CSIRT teams for ongoing cases and document SOPs and processes
  • Proactively work on alert reduction and process stabilisation
  • Ensure mitigation measures for spam and phishing alerts
  • Communicate effectively about threats, malware behaviour, and risks to business stakeholders
What we offer
  • Opportunity to work in a global 24/7 Cyber Security Operations Centre
  • Exposure to advanced security tools and technologies
  • Collaborative environment with global teams and industry experts
  • Continuous learning and development in cybersecurity trends and practices
  • Fulltime

Cyber Threat Intelligence Specialist

To reduce Vodafone’s cyber risk exposure by delivering timely, actionable threat...
Location: United Kingdom, Newbury
Salary: Not provided
Company: Vodafone
Expiration Date: Until further notice
Requirements
  • Strong understanding of active nation‑state and financially motivated threat actors targeting telecoms, enterprise networks, and critical national infrastructure, with focus on actor tactics, techniques and procedures (TTPs)
  • Hands‑on experience producing and applying operational threat intelligence, including indicator development, attack pattern analysis, and supporting detection, response, and remediation activities
  • Ability to triage, correlate, and integrate multiple intelligence sources (telemetry, open source, vendor, and partner intelligence) into clear, actionable outputs
  • Effective stakeholder engagement skills across SOC, Incident Management and cyber defence teams, with the ability to communicate threat information clearly to technical audiences under operational pressure
  • Experience working with external intelligence communities and information‑sharing groups to enrich situational awareness and support operational security outcomes
Job Responsibility
  • Deliver operational and tactical threat intelligence on active threat actors, campaigns, and techniques impacting Vodafone's networks, IT environment, and services, with a focus on supporting detection and mitigation of threats
  • Support live incidents, investigations, and Threat Action Groups by monitoring adversary activity, providing timely intelligence updates, and maintaining situational awareness throughout operational events
  • Analyse threat reporting, tooling, and external intelligence to identify actionable indicators, attack patterns, and detection opportunities, feeding directly into CSOC, Incident Management, and defensive teams
  • Track intelligence outcomes by assessing whether intelligence contributed to detection improvements, response actions, vulnerability remediation, or threat disruption, and feed lessons learned back into operational processes
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
  • Fulltime

IT Operations Centre Analyst (ITOC)

Being part of Air Canada is to become part of an iconic Canadian symbol, recentl...
Location: Canada, Toronto
Salary: Not provided
Company: Air Canada
Expiration Date: Until further notice
Requirements
  • A relevant University degree/technical certification, and/or relevant experience commensurate to the role
  • 3-5 years’ experience in an enterprise IT environment or global NOC
  • At least 3-5 years of experience in the following: IT monitoring tools such as Dynatrace, Splunk, Glassbox etc.; IT Major Incidents; ITIL process concepts and execution (Incident Management, Problem Management, and Change Management); ITSM tools and processes; and in an operational technical role under application, infrastructure or network operations support or as a senior team member in a related service
  • Recent Certifications in a related domain such as CCNA, MSCE, AWS, CSP, ITIL, etc.
  • Ability to work effectively under pressure and in rapidly changing environments or uncertain conditions
  • Ability to work cooperatively with others on a team and to communicate (verbally and in writing) effectively with all levels of the organization
  • Demonstrates concern for satisfying one’s external and/or internal customers
  • Anticipates the implications and consequences of situations and takes appropriate action to be prepared for possible contingencies
  • Excellent organizational and troubleshooting skills and a passion for Service Improvement
  • Demonstrate punctuality and dependability to support overall team success in a fast-paced environment
Job Responsibility
  • Act as an initial escalation point for the service desk and other Air Canada IT teams as they identify issues regarding our technology environment
  • Effectively escalate service impacting issues to the correct teams and collaborate to ensure the issue is resolved as soon as possible. Preliminary troubleshooting before escalating is required. Proactively respond to alerts by performing correctional tasks to remediate issues and prevent larger issues from occurring
  • Act as a coordinator for the on-duty Major Incident owner including organizing communications and tracking troubleshooting actions in the event of a major incident
  • Provide daily support for the extended IT support teams by performing documented operational procedures that will optimize the systems environment
  • Ensure monitoring tools are tweaked and configured properly to effectively receive proactive alerts
  • Work closely with the IT service management team to identify reoccurring problems within the technical systems and work towards resolution and/or documented procedures to mitigate
  • Work with ITOC BAs, automation analysts and the extended IT team to expand the ITOC portfolio of services through documenting design, standard operating procedures and other opportunities to provide value
  • Make recommendations for Service Improvement Plans and ensure actions are followed through to completion in a timely manner
  • Work with internal and third-party teams to ensure actions are taken and completed to protect and improve services
  • Provide assistance to cyber defence teams regarding IT certificate management
  • Fulltime

Senior Risk Manager - Third Party Risk

The role supports the Head of Operational Risk in the oversight and management o...
Location: United Kingdom, London
Salary: Not provided
Company: Social Value Portal Ltd
Expiration Date: Until further notice
Requirements
  • Degree level educated or an equivalent combination of education training and experience with third-party frameworks and industry standards
  • and/or relevant professional qualification (e.g., IRM International Certificate in Operational Risk, Practitioner Certificate in Information Management, etc.)
  • Proven third party risk expertise, preferably with knowledge of relevant standards such as ISO 27001, ISO 22301, NIST, and COBIT
  • A strong understanding of the Lloyd's or wider company insurance market and frameworks is preferable
  • Knowledge and experience of risk management frameworks and tools
  • Demonstrate effective understanding of relevant TPRM regulations for a global organisation operating across the UK, EU, US and Asia
  • Understanding of the commercial drivers and dynamics affecting risk decisions in the insurance sector, as well as operational and risk processes found within an international insurance group
  • Ability to build strong partnering relationships with a wide range of stakeholders, in particular the 1st Line TPRM team
  • Ability to interact professionally and with credibility and manage expectations of management and key stakeholders
  • Ability to manage time, meet deadlines and prioritise
Job Responsibility
  • Provide independent oversight and effective challenge to first-line operational risk activities
  • Review, challenge and contribute to the Third Party Risk Management (TPRM) framework, policies and standards
  • Support the Head of Operational Risk in facilitating regular Risk & Control Self Assessments (RCSAs) with first line risk owners and stakeholders, ensuring the assessments are performed and documented accordingly
  • Oversee the management of delegated authority risk within Underwriting, Claims and Operations as part of the TPRM framework
  • Ensure consistent risk tiering and materiality assessments for all third parties
  • Review and challenge residual risk assessments, risk acceptances, and exceptions related to Operational Risk
  • Oversee integration of Third Party Risk into operational resilience, technology, cyber, and data frameworks
  • Support the implementation and maintenance of a robust control environment with clear ownership and accountability within the business, ensuring control documentation remains accurate and current
  • Develop and monitor key risk indicators (KRIs) and support risk appetite monitoring and management
  • Work collaboratively with 1st Line and Risk domain teams, supporting the embedding of the Operational Risk and TPRM framework into the organisation and across the 3 Lines of Defence model
  • Fulltime

Safety and Defense Manager

Location: Greece, Athens
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Master’s or Bachelor’s degree in Cybersecurity, Computer Science, Engineering, Defence Studies, Security Studies, or equivalent professional experience
  • 8-12 years of experience in cyber defence, cyber operations, or security consulting, ideally with leadership responsibility
  • Proven experience in cyber defence programmes or initiatives involving national defence authorities, EU institutions, international organizations, or equivalent defence/security environments
  • Strong understanding of the cyber threat landscape affecting defence, government, critical infrastructure, and mission-critical operational environments
  • Experience leading cybersecurity programmes, cyber defence teams, senior client engagements, and multidisciplinary delivery teams
  • Strong commercial mindset, with experience in business development, pre-sales, proposal development, and client relationship management
  • Relevant cybersecurity certifications preferred, such as CISSP, CISM, CCSP, CIPP/E, OSCP, GIAC certifications, or equivalent defence/security credentials
  • Excellent leadership, communication, stakeholder management, and executive-level presentation skills
  • Fluent in English, written and spoken
  • Availability to travel for client, institutional, and programme-related engagements
Job Responsibility
  • Lead and grow NTT DATA’s Safety & Defense business in Greece and Benelux by identifying, shaping, and closing opportunities with existing and prospective clients
  • Shape cyber defence strategies, capability roadmaps, operating models, and transformation programmes for defence, government, critical infrastructure, and institutional clients
  • Act as a trusted advisor to senior client stakeholders, translating cyber threats, operational risks, and defense-sector requirements into clear, actionable decisions
  • Coordinate cyber defence readiness activities, including threat monitoring, incident response planning, escalation models, resilience exercises, simulations, and lessons-learned processes
  • Contribute to proposals, tenders, pre-sales activities, and programme shaping for complex cyber defence and security transformation opportunities
What we offer
  • Health insurance for the employee and one dependent family member (100% paid by NTT DATA)
  • Meal vouchers of 120€ per month (x12)
  • Corporate mobile phone: subscription & device
  • Teleworking equipment allowance
  • Internal Trainings Platform Account
  • Access to Open Up mental health service
  • Annual Collective Bonus (for Executives)
  • 28 days of paid annual leave consisting of your legal holidays and compensation days