CrawlJobs Logo

Vulnerability and Exposure Response Manager

vodafone.com Logo

Vodafone

Location Icon

Location:
United Kingdom , Newbury

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

Job Responsibility:

  • Lead high-impact investigations and remediation for critical vulnerabilities
  • Plan and govern red-team and purple-team exercises that materially reduce Vodafone’s external exposure

Requirements:

  • Proven experience in vulnerability investigation, incident response or threat-based testing
  • Practical experience of red teaming or purple teaming, including planning, scoping and translating findings into operational change
  • Strong investigative judgement and knowledge of attacker techniques across infrastructure, cloud and web applications
  • Ability to coordinate matrix teams and influence technical and business stakeholders globally
  • Clear communicator able to present technical findings as concise, risk-based recommendations
What we offer:
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

Additional Information:

Job Posted:
January 22, 2026

Icon
Vodafone - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Vulnerability and Exposure Response Manager

Head of cyber threat exposure and attack surface management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ...
Location
Location
United Kingdom , Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction
  • Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies
  • Strong understanding of attack paths, adversary emulation, and continuous validation concepts
Job Responsibility
Job Responsibility
  • Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles
  • Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture
  • Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms
  • Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies
  • Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise
  • Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions
  • Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface
  • Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions
  • Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes
  • Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

This role is your opportunity to lead the charge in maturing e2Open’s security p...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
blumeglobal.com Logo
Blume Global
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record in SIEM operations, vulnerability management, and incident response
  • Hands-on experience configuring and running security tools
  • Strong automation skills (e.g., scripting, orchestration)
  • The ability to lead through influence, guiding teams to adopt better practices
  • Experience navigating the challenges of complex, fast-changing environments (M&A exposure a plus)
  • Formal qualifications (CISSP, CISM, or equivalent) are valued
Job Responsibility
Job Responsibility
  • Configure, tune, and operate SIEM platforms to improve detection, response, and visibility
  • Lead vulnerability scanning and remediation
  • Take point in managing security incidents — from detection through investigation and resolution
  • Run and maintain key security tools
  • Drive automation-first approaches
  • Collaborate with engineering and IT teams to embed security into operations and culture
  • Help shape the roadmap for security maturity within e2Open
Read More
Arrow Right

Security Engineer II

The Security Engineer II is an individual contributor who will participate and m...
Location
Location
United States , Fountain Valley
Salary
Salary:
83940.00 - 120032.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
  • Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
  • Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
  • Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention/Detection
  • Virtual Private Networks
  • SSL, IPSec, and Site-to-Site
  • Enterprise-Class Stateful Inspection Firewalls
  • Network Access Controls in context to Identity Management
  • Windows Server OS & Desktop OS
  • Network Packet Inspection
Job Responsibility
Job Responsibility
  • Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books
  • Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
  • Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
  • Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
  • Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
  • Oversees the installation, configuration, and supportive processes of security technologies
  • Participate in or lead the Incident Response activities
  • Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues
  • Keeps fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
  • Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
  • Fulltime
Read More
Arrow Right

Security Incident Management Analyst

The Security Incident Management Analyst is an intermediate level position respo...
Location
Location
Singapore , Singapore
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Relevant professional certifications issued by GIAC, AWS, etc., preferably GCCC, GCIH, CEH, ECSA
  • General Industry knowledge of reporting obligations pertaining to local and national laws and regulatory bodies such as OCC, SEC, ECB, MAS
  • Working knowledge of common security models (Defense-in-Depth) and frameworks (MITRE Attack, Cyber Kill Chain, STIX)
  • Working knowledge of VERIS taxonomy
  • Working knowledge of OSI model
  • Working knowledge of security and/or incident response in cloud environments
  • Working knowledge of software development best practices, including agile methods
  • Familiar with Atlassian tools
  • Previous experience working in highly regulated environment
  • Previous experience in a fusion center and/or exposure to large scale incident response
Job Responsibility
Job Responsibility
  • Work as part of a best in class ‘follow the sun’ security incident response team
  • Lead and manage incident response activities to ensure that requisite triage, containment, and eradication are completed within targeted timeframes
  • Ensure that the security incident record is complete, accurate and fit for purpose
  • Collect and analyze evidence including investigative findings and prepare to coordinate with internal and external compliance and audit personnel
  • Execute incident response meetings and communicate complex security topics
  • exhibit good judgment and discretion when initiating escalations to all levels of the organization
  • Ensure that controls are utilized daily and that non-compliance remediation is addressed by appropriate selection
  • Provide IS consulting services, including interpreting and/or clarifying information security policy, procedures, standards or concepts
  • Assist with defining and implementing information security standards to align procedures and practices in pursuit of compliance with Citigroup standards
  • Validate compliance with information security policies, practices, and procedures, and resolve a variety of information security related issues in coordination with the relevant business(es)
  • Fulltime
Read More
Arrow Right

Vulnerability Management Engineer

We’re looking for a skilled Vulnerability Management Engineer to play a key role...
Location
Location
United Kingdom , Worcestershire
Salary
Salary:
Not provided
dynamicsearch.co.uk Logo
Dynamic Search Solutions
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in vulnerability management, cyber security engineering, or related disciplines
  • Strong understanding of vulnerability scanning, risk-based prioritisation, and remediation workflows
  • Knowledge of IT and OT environments, including DMZ architectures and segmentation principles
  • Familiarity with security frameworks such as NIST and their application in operational environments
  • Experience integrating vulnerability tools with SIEM and orchestration platforms
  • Strong communication skills, with the ability to translate technical risk into operational insight
  • Willingness to engage with sites directly, including on-site assessments where required
Job Responsibility
Job Responsibility
  • Operationalise vulnerability management using a risk-based prioritisation approach
  • Develop and maintain OT site DMZ vulnerability dashboards aligned with NIST frameworks
  • Identify sites operating flat network architectures and assess associated risks
  • Conduct site engagement activities, including on-site visits where required, to validate network and vulnerability findings
  • Enhance operational metrics, reporting, and overall risk visibility across IT and OT estates
  • Automate vulnerability management processes and integrate outputs with orchestration tools and SIEM platforms
  • Assess existing vulnerability management processes and identify gaps in coverage, prioritisation, and reporting
  • Apply risk context to vulnerability data to support meaningful remediation decisions
  • Design and deliver dashboards that provide clear, actionable insight for operational and security stakeholders
  • Work with site and central teams to improve network segmentation and reduce exposure caused by flat networks
Read More
Arrow Right

Vuln and Exposure Response Manager

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location
Location
United Kingdom , Newbury
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in vulnerability investigation, incident response or threat-based testing
  • Practical experience of red teaming or purple teaming, including planning, scoping and translating findings into operational change
  • Strong investigative judgement and knowledge of attacker techniques across infrastructure, cloud and web applications
  • Ability to coordinate matrix teams and influence technical and business stakeholders globally
  • Clear communicator able to present technical findings as concise, risk-based recommendations
Job Responsibility
Job Responsibility
  • Lead high-impact investigations and remediation for critical vulnerabilities and to plan and govern red-team and purple-team exercises that materially reduce Vodafone’s external exposure
  • Lead investigations into critical vulnerabilities, responsible disclosures and detection gaps and decide on immediate containment actions where required
  • Plan, commission and govern red-team and purple-team exercises, including scoping, objective setting and selection of internal or external providers
  • Own the lifecycle of high-priority remediation notices, from drafting and prioritisation through to closure or documented risk acceptance
  • Translate investigative and adversarial findings into clear, actionable recommendations for process, people and technology, and drive these recommendations to completion with market and platform owners
  • Act as the single point of escalation for exposure-related issues and provide concise briefings to senior stakeholders on trends and required actions
What we offer
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
Read More
Arrow Right

Analyst, Information Security

The Information Security Analyst safeguards the organization by monitoring and t...
Location
Location
United States , Naperville
Salary
Salary:
78210.00 - 114708.00 USD / Year
kehe.com Logo
KeHE Distributors
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, Information Systems or equivalent experience
  • 3+ years in cybersecurity roles, Security Operations, Incident Response, threat detection, or related information security roles
  • Demonstrated experience triaging and investigating security alerts in one or more of: EDR/XDR, email security, identity systems (AD/Entra ID), network security tools, cloud security monitoring (AWS/Azure), and/or SIEM platforms
  • Strong understanding of attacker tactics and common enterprise threat scenarios (phishing, credential compromise, malware/ransomware, lateral movement, privilege escalation)
  • Ability to analyze logs and telemetry
  • experience writing or modifying queries/rules (e.g., KQL/SPL/SQL-like queries) is strongly preferred
  • Experience executing incident response activities: investigation, containment coordination, eradication support, recovery validation, and post-incident documentation
  • Strong understanding of vulnerability and exposure workflows, including validation and remediation verification
  • Ability to create and maintain runbooks/playbooks and operational documentation
  • Familiarity with security frameworks (e.g., CIS, NIST CSF, ISO 27001) and regulatory standards (e.g., PCI, GDPR, HIPAA)
Job Responsibility
Job Responsibility
  • Proactively monitor and triage security alerts across endpoint, identity, network, cloud, email, vulnerability, and SIEM platforms
  • Detect, investigate, and respond to security incidents
  • coordinate containment, remediation, root cause analysis, and post-incident reviews
  • Develop, tune, and maintain security detections, alerts, and response playbooks to improve threat visibility and response effectiveness
  • Conduct proactive threat hunting using endpoint, identity, network, and cloud telemetry
  • Manage and support vulnerability and exposure management activities, including risk-based prioritization, remediation tracking, and reporting
  • Maintain and support cybersecurity risk management activities, including risk registers, assessments, and mitigation planning
  • Support governance, risk, and compliance efforts by assisting with audits, control documentation, evidence collection, and third-party risk assessments
  • Administer and optimize security tools and platforms to ensure effectiveness, coverage, and operational reliability
  • Develop and deliver cybersecurity awareness training, including phishing simulations and targeted education initiatives
What we offer
What we offer
  • Health/Rx
  • Dental
  • Vision
  • Flexible and health spending accounts (FSA/HSA)
  • Supplemental life insurance
  • 401(k)
  • Paid time off
  • Paid sick time
  • Short term & long term disability coverage (STD/LTD)
  • Employee stock ownership (ESOP)
  • Fulltime
Read More
Arrow Right
New

Director of Threat Exposure Engineering

The Director of CTEM Development defines the technical vision and strategic dire...
Location
Location
United States , Philadelphia
Salary
Salary:
Not provided
comcastcorporation.com Logo
Comcast
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10 - 15+ years of engineering leadership experience overseeing large, complex technical environments
  • Strong engineering background with deep understanding of development practices, SDLC, coding standards, and modern architecture
  • Ability to lead technical strategy, set engineering direction, and own platform roadmaps
  • Experience managing engineering teams of 15- 20+ people, including global and distributed teams
  • Skilled in people leadership, team development, performance management, and talent retention
  • Experience with scanning, discovery, configuration assessment, telemetry, and exposure validation platforms
  • Strong understanding of secure coding, CI/CD pipelines, automation, testing, observability, and reliability engineering
  • Broad familiarity with multiple programming languages and development methodologies
  • Proven ability to manage budgets, resource planning, forecasting, and operational execution
  • Experience collaborating across architecture, SDLC, product, and cybersecurity teams
Job Responsibility
Job Responsibility
  • Oversees engineering, operation, and continuous improvement of CTEM platforms, including scanning, discovery, configuration assessment, exposure validation, and telemetry
  • Leads the global engineering lifecycle, including architecture for distributed assessment engines, telemetry pipelines, detection logic, secure configuration evaluation, and adversarial validation workflows
  • Drives automation-first engineering and ensures excellence in CI/CD, secure coding, testing, observability, and reliability to deliver scalable and resilient platforms
  • Ensures CTEM platforms meet operational, reliability, scalability, and performance standards, while leading technical analysis to improve detection accuracy, discovery fidelity, telemetry quality, and overall exposure reduction
  • Owns the global CTEM roadmap, set engineering strategies, and define technical direction aligned with broader cybersecurity and business goals
  • Collaborates across internal teams—including SDLC, Security Architecture, and Product—to ensure interoperability and alignment with enterprise standards
  • Supports financial and operational planning, prepare and manage budgets, monitor forecasts and expenditures, and guide headcount strategy
  • Establishes reporting standards, track engineering progress, analyze costs, and use operational metrics to drive measurable outcomes
  • Manages vendors and partners
  • Leads globally distributed engineering teams, including managers and professional staff
What we offer
What we offer
  • Paid Time off
  • Physical Wellbeing benefits
  • Financial Wellbeing benefits
  • Emotional Wellbeing benefits
  • Life Events + Family Support benefits
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy