CrawlJobs Logo
Vodafone Logo Vodafone · IT - Software Development

Cyber Threat Intelligence Specialist

United Kingdom, Newbury · Job Posted May 29, 2026
Apply Position
Job Link Share

Job Description

To reduce Vodafone’s cyber risk exposure by delivering timely, actionable threat intelligence that directly supports day‑to‑day defence, incident response, and control decisions addressing current risks across the business. The Cyber Threat Intelligence Specialist operates at Group level, focusing on analysing threat activity and adversary behaviour to produce practical intelligence that enables effective detection, response, and mitigation across Vodafone’s global footprint.

Job Responsibility

  • Deliver operational and tactical threat intelligence on active threat actors, campaigns, and techniques impacting Vodafone's networks, IT environment, and services, with a focus on supporting detection and mitigation of threats
  • Support live incidents, investigations, and Threat Action Groups by monitoring adversary activity, providing timely intelligence updates, and maintaining situational awareness throughout operational events
  • Analyse threat reporting, tooling, and external intelligence to identify actionable indicators, attack patterns, and detection opportunities, feeding directly into CSOC, Incident Management, and defensive teams
  • Track intelligence outcomes by assessing whether intelligence contributed to detection improvements, response actions, vulnerability remediation, or threat disruption, and feed lessons learned back into operational processes

Requirements

  • Strong understanding of active nation‑state and financially motivated threat actors targeting telecoms, enterprise networks, and critical national infrastructure, with focus on actor tactics, techniques and procedures (TTP's)
  • Hands‑on experience producing and applying operational threat intelligence, including indicator development, attack pattern analysis, and supporting detection, response, and remediation activities
  • Ability to triage, correlate, and integrate multiple intelligence sources (telemetry, open source, vendor, and partner intelligence) into clear, actionable outputs
  • Effective stakeholder engagement skills across SOC, Incident Management and cyber defence teams, with the ability to communicate threat information clearly to technical audiences under operational pressure
  • Experience working with external intelligence communities and information‑sharing groups to enrich situational awareness and support operational security outcomes

What we offer

  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
Vodafone - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Cyber Threat Intelligence Specialist

8 matching positions

Strategic Threat Intelligence Specialist

To reduce Vodafone’s cyber risk exposure by delivering forward-looking, strategi...
Location
Location
United Kingdom , Newbury
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of nation-state and financially motivated threat actors targeting telecoms and critical national infrastructure
  • Experience in building or maturing intelligence-sharing processes, including defining requirements, standardising outputs, and measuring impact
  • Ability to combine multiple intelligence sources into clear, defensible strategic assessments
  • Strong stakeholder management skills across technical and executive audiences
  • Experience engaging with external intelligence communities and leveraging trusted relationships to enhance internal security posture
Job Responsibility
Job Responsibility
  • Produce strategic intelligence assessments on priority threat actors, campaigns, and emerging risks impacting telco, network and IT infrastructure
  • Mature and structure Vodafone’s intelligence-sharing relationships across internal stakeholders to ensure intelligence is actionable and consistently drives risk reduction
  • Strengthen and grow external intelligence partnerships with entities such as NCSC, ISACs, peer telcos, and intelligence providers
  • Establish feedback loops to measure whether shared intelligence results in detection improvements, vulnerability remediation, control uplift, or mission activity
  • Translate geopolitical developments, sector targeting trends, and adversary evolution into clear risk implications for Vodafone’s networks, platforms, estate, and supply chain
  • Brief senior leadership and stakeholders with concise, risk-based reporting that supports strategic decision-making
  • Support the development of structured threat missions aligned to priority adversaries, ensuring intelligence requirements are clearly defined and outcomes are tracked
What we offer
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
Read More
Arrow Right

Specialist, Cyber Intelligence - ISSO

L3Harris is dedicated to recruiting and developing high-performing talent who ar...
Location
Location
United States , Waco
Salary
Salary:
Not provided
l3harris.com Logo
L3Harris
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree and minimum 4 years of prior relevant experience. Graduate Degree and a minimum of 2 years of prior related experience. In lieu of a degree, minimum of 8 years of prior related experience
  • Minimum Security+ certification required
  • This position requires a TS with SCI eligibility security clearance. Security clearances may only be granted to U.S. citizens
Job Responsibility
Job Responsibility
  • Responsible for the development, deployment and execution of controls and defenses to ensure the security of company technology, information systems, and system deliverables
  • Supports secure systems operations and maintenance
  • Assesses and mitigates system security threats and risks throughout the program life cycle
  • Performs system certification and accreditation planning, testing, and validation activities in coordination with government customers
  • Executes first level responses and addresses reported or detected incidents
  • Interprets, analyzes, and reports all events and anomalies in accordance with directives, to include initiating, responding, and reporting discovered events
  • Safeguards information against unauthorized use, infiltration, exfiltration, modification, destruction or disclosure of national security information
  • Notify the ISSM of changes affecting the ATO. Coordinate any changes to hardware, software, or firmware with the ISSM prior to any change
  • Building Aircraft disk pack sets, along with keeping them maintained and updated, as necessary to support our test team, and the Air Force as required
  • Willing to Travel 25% of the time to support offsite test events
  • Fulltime
Read More
Arrow Right

Cyber Threat Specialist

Critical role within the Cyber Threat Intelligence Team. As a Threat Specialist ...
Location
Location
Australia , Victoria
Salary
Salary:
Not provided
woolworths.com.au Logo
Woolworths Supermarkets
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of tested cyber security experience within high-pressure environments, including SOC, NOC, and CIRT ecosystems
  • Expert-level mastery in network intrusion, detection, and response, with a current and sharp understanding of the modern threat landscape
  • Deep-seated intuition for malicious code, with the specialised skills required to understand the anatomy of an attack
  • Seamlessly applying the MITRE ATT&CK® framework and Cyber Kill Chain methodology to map adversary behavior and anticipate the 'next move'
  • Broad spectrum confidence across an array of security applications, ensuring the right tool is leveraged for the right threat at the right time
  • Advanced proficiency in Open Source Intelligence, turning public data into actionable defensive strategies
  • A rare ability to translate complex cyber risks into tangible business outcomes, ensuring security initiatives drive organisational value rather than just technical compliance
  • Comprehensive end-to-end exposure to Incident Response (IR), from initial triage through to post-mortem and long-term hardening
  • Equally effective as an individual contributor or a collaborative team player, maintaining peak performance in both autonomous and integrated environments
Job Responsibility
Job Responsibility
  • Maintain awareness of the cyber threat landscape by conducting research to contribute to formal threat reports and curate actionable intelligence
  • Triage, tune, and customise threat alerts while incorporating curated Indicators of Compromise (IOCs) into the existing threat framework
  • Identify and prioritise detection opportunities using SIEM and EDR tools, mapped against the Mitre ATT&CK framework for comprehensive coverage
  • Conduct threat hunting, trigger incident response workflows, and provide dedicated intelligence support during major security incidents
  • Proactively raise security risks and recommend appropriate controls to strengthen the organisation's defensive posture
  • Assist with the zero-day vulnerability process and ensure all technical documentation remains current and accurate
  • Drive continuous improvement by streamlining workflows through the strategic use of automation and advanced tooling
  • Fulltime
Read More
Arrow Right

Cyber Threat Hunting Specialist

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location
Location
United Kingdom , Newbury
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Threat Research Expertise
  • You are an experienced security analyst who operates well beyond alert-driven workflows
  • You have a deep understanding of adversary tactics, techniques, and procedures
  • Analytical Thinking
  • You are comfortable working with incomplete, ambiguous, or conflicting data
  • Tool Proficiency
  • You are highly proficient in querying and analysing large-scale security data
  • Data Source Fluency
  • You are confident working across diverse telemetry, including endpoint, identity, network, and cloud data
  • Collaborative Communication
Job Responsibility
Job Responsibility
  • Proactively search for signs of cyber threats across systems and networks
  • Proactive Threat Hunting
  • Drive proactive threat hunting across Vodafone’s environment
  • Own complex investigations end-to-end
  • Rule Development for Security Operations
  • Translate your hunting outcomes into robust, production-ready detection logic
  • Challenge existing detections, identifying gaps in coverage, and refining logic
  • Threat Intelligence Integration
  • Work closely with Cyber Threat Intelligence to turn intelligence into actionable outcomes
  • Assess, validate, and challenge intelligence by mapping it to real telemetry and observed behaviours
What we offer
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
  • Fulltime
Read More
Arrow Right

Head of cyber threat exposure and attack surface management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ...
Location
Location
United Kingdom , Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction
  • Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies
  • Strong understanding of attack paths, adversary emulation, and continuous validation concepts
Job Responsibility
Job Responsibility
  • Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles
  • Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture
  • Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms
  • Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies
  • Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise
  • Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions
  • Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface
  • Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions
  • Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes
  • Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Artificial Intelligence Security Specialist EMEA

Citi, the leading global bank, has approximately 200 million customer accounts a...
Location
Location
United Kingdom , London; Belfast
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7+ years for Assistant Vice President (C12 Mid - Senior Level)
  • 8-10+ years for Vice President (C13 Senior - Lead/Staff Level)
  • 10+ years for Senior Vice President (C14 Lead/Staff - Principal Level)
  • Depth in at least one of AI/ML engineering, offensive security, detection engineering, software engineering, or security research
  • Hands-on LLM API experience (context management, tool use, evaluation, failure modes) for AI/ML Engineering
  • Agentic systems design
  • AI safety at the infrastructure level
  • Vulnerability research, exploit development, or pen testing with real depth for Cyber Security
  • Detection engineering for novel attack patterns
  • Threat modelling (STRIDE, ATT&CK)
Job Responsibility
Job Responsibility
  • Depends on team: Offensive Security & Vulnerability Management — AI-assisted pen testing at a scale previously impossible
  • Automated exploit validation
  • Bridge the gap from 'AI found a vulnerability' to 'the application team has a PR to fix it'
  • AI & Emerging Technology Security — Define how the bank deploys AI safely
  • Security architecture and assurance for new implementations
  • Building the next generation of AI-powered tools for CISO colleagues
  • Test new models at the cutting edge of creation and influence
  • Cyber Security AI Services — Own the AI products CISO depends on in production — security assurance, cyber security operations, governance and controls, vulnerability assessment
  • Keep them reliable, evolve them fast
  • Cyber Security Operations — Detection, triage, and response for a world where adversaries use AI to find and exploit vulnerabilities faster than traditional detection can keep up
What we offer
What we offer
  • Business casual workplace
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Fulltime
Read More
Arrow Right

Artificial Intelligence Security Specialist EMEA

Artificial Intelligence Security Specialist EMEA at Citi. Working at Citi is far...
Location
Location
Hungary , Budapest
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Hands-on LLM API experience (context management, tool use, evaluation, failure modes)
  • Agentic systems design
  • AI safety at the infrastructure level, not just the prompt level
  • Vulnerability research, exploit development, or pen testing with real depth
  • Detection engineering for novel attack patterns
  • Threat modelling (STRIDE, ATT&CK)
  • Security architecture
  • You've built and operated production systems, not just prototypes
  • Strong Python and/or systems programming
  • Can digest dense technical research and turn it into actionable security recommendations
Job Responsibility
Job Responsibility
  • AI-driven vulnerability management
  • Security architecture for the AI era
  • Securing AI agents that can behave like insider threats
  • Offensive Security & Vulnerability Management — AI-assisted pen testing at a scale previously impossible
  • AI & Emerging Technology Security — Define how the bank deploys AI safely
  • Cyber Security AI Services — Own the AI products CISO depends on in production
  • Cyber Security Operations — Detection, triage, and response for a world where adversaries use AI
What we offer
What we offer
  • Cafeteria Program
  • Home Office Allowance (for colleagues working in hybrid work models)
  • Paid Parental Leave Program (maternity and paternity leave)
  • Private Medical Care Program and onsite medical rooms at our offices
  • Pension Plan Contribution to voluntary pension fund
  • Group Life Insurance
  • Employee Assistance Program
  • Access to a wide variety of learning and development programs, online course libraries and upskilling platforms, such as Udemy and Degreed
  • Flexible work arrangements to support you in managing work - life balance
  • Career progression opportunities across geographies and business lines
  • Fulltime
Read More
Arrow Right

Artificial Intelligence Security Specialist EMEA

Job Overview Why Citi Citi, the leading global bank, has approximately 200 mil...
Location
Location
Poland , Warsaw
Salary
Salary:
165020.00 PLN / Year
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • AI/ML Engineering — Hands-on LLM API experience (context management, tool use, evaluation, failure modes). Agentic systems design. AI safety at the infrastructure level, not just the prompt level.
  • Cyber Security — Vulnerability research, exploit development, or pen testing with real depth. Detection engineering for novel attack patterns. Threat modelling (STRIDE, ATT&CK). Security architecture.
  • Software Engineering — You've built and operated production systems, not just prototypes. Strong Python and/or systems programming. Bonus if you're comfortable reading disassembly or tracing through kernel code.
  • Research & Communication — Can digest dense technical research and turn it into actionable security recommendations. Published research, conference talks, or open-source contributions.
  • Mindset - You love to engineer solutions to problems vs purchasing tools, and you see problems as opportunities
  • At any level: genuinely curious, comfortable with ambiguity, biased toward building, able to work across disciplines.
  • Assistant Vice President (C12 Mid - Senior Level): 5-7+ years. Own workstreams end-to-end with real autonomy. You'll go deep on problems that most organizations don't even know they have yet.
  • Vice President (C13 Senior - Lead/Staff Level): 8-10+ years. Define technical approach, make architectural decisions, mentor others. The scope here is wider than most senior IC roles — you're not optimizing an existing system
  • you're designing ones that don't exist yet.
  • Senior Vice President (C14 Lead/Staff - Principal Level): 10+ years. Set technical direction for a function and influence the firm's approach to AI security. If you've hit a ceiling elsewhere because the problem space isn't big enough, it's big enough here.
What we offer
What we offer
  • Private Medical Care Program
  • Life Insurance Program
  • Pension Plan contribution (PPE Program)
  • Employee Assistance Program
  • Paid Parental Leave Program (maternity and paternity leave)
  • Sport Card
  • Holidays Allowance
  • Sport and team recreation activities
  • Special offers and discounts for employees
  • Access to an array of learning and development resources
  • Fulltime
Read More
Arrow Right