CrawlJobs Logo
Vodafone Logo Vodafone · IT - Administration

Vulnerability and Exposure Response Manager

United Kingdom, Newbury · Job Posted January 22, 2026
Apply Position
Job Link Share

Job Description

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

Job Responsibility

  • Lead high-impact investigations and remediation for critical vulnerabilities
  • Plan and govern red-team and purple-team exercises that materially reduce Vodafone’s external exposure

Requirements

  • Proven experience in vulnerability investigation, incident response or threat-based testing
  • Practical experience of red teaming or purple teaming, including planning, scoping and translating findings into operational change
  • Strong investigative judgement and knowledge of attacker techniques across infrastructure, cloud and web applications
  • Ability to coordinate matrix teams and influence technical and business stakeholders globally
  • Clear communicator able to present technical findings as concise, risk-based recommendations

What we offer

  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
Vodafone - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Vulnerability and Exposure Response Manager

8 matching positions

Vuln and Exposure Response Manager

At Vodafone, we’re not just shaping the future of connectivity for our customers...
Location
Location
United Kingdom , Newbury
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in vulnerability investigation, incident response or threat-based testing
  • Practical experience of red teaming or purple teaming, including planning, scoping and translating findings into operational change
  • Strong investigative judgement and knowledge of attacker techniques across infrastructure, cloud and web applications
  • Ability to coordinate matrix teams and influence technical and business stakeholders globally
  • Clear communicator able to present technical findings as concise, risk-based recommendations
Job Responsibility
Job Responsibility
  • Lead high-impact investigations and remediation for critical vulnerabilities and to plan and govern red-team and purple-team exercises that materially reduce Vodafone’s external exposure
  • Lead investigations into critical vulnerabilities, responsible disclosures and detection gaps and decide on immediate containment actions where required
  • Plan, commission and govern red-team and purple-team exercises, including scoping, objective setting and selection of internal or external providers
  • Own the lifecycle of high-priority remediation notices, from drafting and prioritisation through to closure or documented risk acceptance
  • Translate investigative and adversarial findings into clear, actionable recommendations for process, people and technology, and drive these recommendations to completion with market and platform owners
  • Act as the single point of escalation for exposure-related issues and provide concise briefings to senior stakeholders on trends and required actions
What we offer
What we offer
  • Yearly bonus: 10%
  • Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
  • Charity days: 5 days/year
  • Maternity leave: 52 weeks: the first 13 weeks are fully paid, followed by 26 weeks of half pay
  • Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%
  • Access to: private medical, private dental, free health assessments, share save scheme
  • Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan
Read More
Arrow Right

Head of cyber threat exposure and attack surface management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ...
Location
Location
United Kingdom , Knutsford
Salary
Salary:
Not provided
barclays.co.uk Logo
Barclays
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction
  • Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies
  • Strong understanding of attack paths, adversary emulation, and continuous validation concepts
Job Responsibility
Job Responsibility
  • Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles
  • Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture
  • Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms
  • Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies
  • Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise
  • Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions
  • Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface
  • Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions
  • Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes
  • Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness
What we offer
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime
Read More
Arrow Right

Senior SecOps Engineer

As a Senior Security Operations Engineer at Island, you will be the security anc...
Location
Location
United States , Dallas
Salary
Salary:
Not provided
island.io Logo
Island
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in security operations, with hands-on depth across at least two of: incident response, cloud security posture, and vulnerability management
  • Proven incident responder - comfortable leading triage and containment under pressure, writing clear timelines, and running post-mortems
  • Solid AWS knowledge (IAM, EC2, EKS, S3, CloudTrail, GuardDuty)
  • GCP or Azure experience a plus
  • Hands-on CSPM experience, preferably Wiz
  • Strong communicator across async and sync - able to translate technical findings into business risk for engineering leads and senior stakeholders
  • Scripting ability and mind-set to reduce manual overhead and build durable workflows is a plus
  • Dallas, TX - US citizens only
  • ability to work in FedRAMP-regulated environments required
Job Responsibility
Job Responsibility
  • Lead US-timezone incident response efforts, including triage, containment, investigation, stakeholder communication, and post-incident reviews
  • Manage and improve cloud security posture across AWS, GCP, and Azure, including Wiz findings remediation, IAM exposure, misconfiguration management, and cloud detection engineering
  • Own vulnerability management across web, infrastructure, and container environments, including prioritization, remediation tracking, and reporting
  • Drive FedRAMP continuous monitoring activities for GovCloud environments, including evidence collection, POA&M tracking, audit support, and compliance operations aligned with NIST 800-53
  • Partner with the global SecOps Lead on team strategy, tooling decisions, risk identification, and security improvement initiatives
Read More
Arrow Right

Head of Cyber Defence

An experienced cyber security leader responsible for developing and executing en...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
idexconsulting.com Logo
IDEX Consulting Ltd
Expiration Date
September 16, 2026
Flip Icon
Requirements
Requirements
  • Cyber Security Strategy
  • Security Operations (SOC)
  • Incident Response & Crisis Management
  • Threat Intelligence
  • Vulnerability Management
  • Security Architecture
  • Risk Management
  • Team Leadership & Development
  • Stakeholder Management
  • Regulatory & Compliance Requirements
Job Responsibility
Job Responsibility
  • Lead and manage the Cyber Defence function, overseeing security operations, threat intelligence, vulnerability management, and incident response capabilities
  • Develop and implement cyber defence strategies, policies, and procedures to protect against evolving cyber threats
  • Direct Security Operations Centre (SOC) activities, ensuring effective monitoring, detection, investigation, and response to security incidents
  • Oversee threat intelligence programmes, identifying emerging risks and implementing proactive defensive measures
  • Lead cyber incident response activities, coordinating technical teams and business stakeholders during security events
  • Manage vulnerability assessment and remediation programmes across enterprise infrastructure and applications
  • Collaborate with technology, risk, compliance, and business teams to strengthen organisational cyber resilience
  • Provide strategic advice and reporting to senior leadership on cyber threats, security posture, and risk exposure
  • Manage relationships with external security vendors, consultants, and industry partners
  • Lead, mentor, and develop a team of cyber security professionals
  • Fulltime
Read More
Arrow Right

Cyber Security Operations Manager

We are seeking a Security Operations Manager to lead and strengthen Frasers Grou...
Location
Location
United Kingdom , Mansfield
Salary
Salary:
Not provided
sportsdirect.com Logo
Sports Direct
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years experience in a similar role with technical expertise and leadership experience in a SOC environment
  • Strong knowledge of threat detection and incident response
  • Passionate about protecting enterprise and OT environments in a complex, global organisation
  • Experience with SOAR/automation
  • Strong communication skills and experience building relationships across departments
Job Responsibility
Job Responsibility
  • Lead and develop the internal SOC team, fostering a proactive, high-performing security operations culture
  • Oversee monitoring and detection across enterprise IT, cloud, and operational technology systems, ensuring alerts and incidents are appropriately managed and escalated
  • Participate in on-call rotations, providing guidance and response expertise during security events
  • Ensure SOC detection tools and capabilities are up-to-date and aligned with evolving threat landscapes
  • Collaborate with vulnerability management, incident response, and GRC teams to integrate risk-informed security operations practices
  • Drive continuous improvement of SOC processes, playbooks, and metrics to enhance operational efficiency and threat visibility
  • Support compliance and regulatory requirements (e.g., PCI DSS), reducing the organisation's overall risk exposure
What we offer
What we offer
  • Frasers Champion - peer nominated scheme where 8 winners will receive double their pay for a month
  • Retail Reconnect - one to two days in a store or warehouse each financial year
  • Fearless 1200 - reward linked to performance and values
  • Frasers Fit - free gym classes and discounted memberships
  • Retail Trust - free access to 24 hour wellbeing helpline, wellness hub, counselling and financial/legal support
  • Fulltime
Read More
Arrow Right

Ai Lead Application Architecture - Vice President

We are seeking a highly experienced and technically proficient Sr Applied AI Eng...
Location
Location
India , Pune
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15 years of relevant experience in leading Apps Development or systems design role
  • Extensive experience system analysis and in programming of software applications
  • Demonstrable exposure and practical experience with AI development
  • Knowledge of capital market is plus
  • Experience in managing and implementing successful projects
  • Subject Matter Expert (SME) in at least one area of Applications Development
  • Ability to adjust priorities quickly as circumstances dictate
  • Demonstrated leadership and project management skills
  • Consistently demonstrates clear and concise written and verbal communication
  • Bachelor’s degree/University degree or equivalent experience
Job Responsibility
Job Responsibility
  • Lead the design, development, and implementation of complex middleware applications using Java and Spring Boot: Utilize AI-powered code generation tools (e.g., Devin, Copilot, Codex) to accelerate development, automate boilerplate code, suggest optimal implementations, and enforce architectural patterns. Leverage AI for design pattern identification and complex system architecture validation
  • Architect and optimize database interactions with Oracle, SQL, and MongoDB, ensuring high performance and data integrity: Employ AI to analyze database query performance, suggest advanced indexing strategies, optimize schema designs, and generate efficient SQL/NoSQL queries. AI-driven tools can also assist in predicting database load and recommending scaling solutions
  • Drive the adoption and continuous improvement of CI/CD pipelines to facilitate rapid and reliable software delivery: Integrate AI into CI/CD processes for intelligent test case generation, predictive failure analysis, automated code vulnerability scanning, and optimization of pipeline execution times based on historical data
  • Collaborate with cross-functional teams, including product management, QA, and operations, to define requirements, design solutions, and deliver high-quality software:Use AI-powered communication and summarization tools (e.g., Claude) to streamline requirement gathering, document analysis, and stakeholder communication. AI can also assist in translating technical designs into accessible formats for various audiences
  • Mentor and provide technical guidance to junior and mid-level software engineers, fostering a culture of technical excellence and continuous learning: Leverage AI platforms for personalized learning paths, automated code feedback, and explanations of complex technical concepts. Encourage junior engineers to adopt AI-driven development practices
  • Actively research and experiment with AI technologies to identify opportunities for enhancing developer productivity, automating tasks, and improving software quality:Continuously explore emerging AI tools and techniques (such as Anti Gravity for complex problem-solving) and assess their applicability to our development ecosystem
  • Participate in code reviews, ensuring adherence to coding standards, best practices, and architectural guidelines: Utilize AI-powered code analysis tools to pre-scan code for potential bugs, security vulnerabilities, performance bottlenecks, and style deviations, allowing human reviewers to focus on higher-level logic and design
  • Troubleshoot and resolve complex technical issues, ensuring the stability and performance of production systems: Implement AI-driven anomaly detection in monitoring systems, leverage AI for rapid log analysis and root cause identification, and automate incident response workflows
  • Contribute to the strategic planning and technical roadmap for our middleware platforms: Employ AI to analyze industry trends, forecast technology evolution, assess the impact of new features, and prioritize roadmap initiatives based on data-driven insights
  • Conduct tasks related to feasibility studies, time and cost estimates, IT planning, risk technology, applications development, and model development: Utilize AI for data synthesis, predictive modeling for estimations, identification of potential IT risks, and accelerated model prototyping and validation
  • Fulltime
Read More
Arrow Right

Security Services Architect

As a Security Services Architect, you will play a pivotal role in designing, pla...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 12+ years of overall experience in cybersecurity, including enterprise solution architecture and risk management
  • Minimum 5–7 years of experience in Identity Credential and Access Management (ICAM)
  • At least 3 years in Idira PAM Self-Hosted (on-Prem) architecture and implementation
  • Strong expertise in identity security, privileged access management, and large-scale IT environments
  • Hands-on experience in designing and implementing Idira On-Prem PAM, in both on-premises and cloud infrastructure, at least after v11.x
  • Extensive hands-on experience in at least two of these cloud technologies: AWS, Azure, and GCP
  • Proficiency in technologies such as Active Directory, LDAP, SAML, OAuth, Python, PowerShell, with extensive hands-on experience in at least two of these technologies
  • Deep understanding of security architecture, vulnerability management, and regulatory frameworks (e.g., OWASP, NIST, SANS)
  • Strong communication and presentation skills, with a proven record of engaging both technical and executive audiences
  • Exposure to handling Indian customers esp. for more than 4-5 years and technical refresh/upgrade cycles
Job Responsibility
Job Responsibility
  • Design and Architecture – Define and document secure solution architectures tailored to customer needs
  • Solution Delivery – Lead and deliver complex enterprise deployments of Idira solutions throughout the full lifecycle
  • Advisory and Expertise – Provide strategic guidance on trends and best practices in identity security and privileged access management
  • Business Alignment – Assess customer priorities and advise on solutions that balance security, business impact, and operational efficiency
  • Security Standards – Establish and promote standard practices for deploying Idira solutions and securing identities
  • Technical Leadership – Act as a trusted expert for customers and internal teams, providing mentorship and knowledge transfer
  • Stakeholder Engagement – Build strong relationships with customers and act as the key conduit between them and Idira’s internal teams
  • Governance and Assurance – Participate in design reviews, risk assessments, and incident response to ensure solutions meet security standards
  • Enablement and Training – Deliver training sessions, develop secure deployment guidelines, and support internal/external security awareness
  • Continuous Innovation – Stay current with emerging threats, technologies, and industry trends
  • Fulltime
Read More
Arrow Right

Security Architect

Opportunity to join a premier enterprise Architecture & Delivery team to steer c...
Location
Location
Australia , Melbourne
Salary
Salary:
900.00 - 1100.00 AUD / Day
https://www.randstad.com Logo
Randstad
Expiration Date
July 03, 2026
Flip Icon
Requirements
Requirements
  • 8+ years of professional experience in IT solution design, build, or delivery, with 5+ years dedicated to IT Security, IAM, IGA, PAM, and cloud security environments
  • Expert hands-on experience with Entra ID (including Conditional Access Policies, Connect, B2B/B2C, ZTNA, Graph API) and Okta SSO (SAML, OIDC, OAuth)
  • Strong architectural knowledge of IGA platforms (SailPoint, One Identity, or Saviynt) and PAM architectures (CyberArk or Beyond Trust)
  • Proven understanding of identity-specific threat modelling, DevSecOps mindsets, and frameworks such as MITRE ATTCK and NIST AI RMF across hybrid cloud structures (VMware, AWS, Azure, GCP)
  • Tertiary qualification in IT, Engineering, or a related field, combined with an industry standard certification such as CISSP
  • 8+ years of professional experience in IT solution delivery or design, with 5+ years focused on SIEM, SOAR, Vulnerability Management, and Continuous Threat & Exposure Management (CTEM)
  • Direct experience architecting and implementing solutions using Microsoft Unified SecOps Platforms, Microsoft Sentinel, Microsoft Defender XDR, and Splunk ES/SOAR
  • Technically proficient in securing hybrid cloud environments using native and third-party CASB, M365 E5 Security Services, Intune MDM, and Cloud Workload Protection platforms
  • Comprehensive knowledge of security and architecture frameworks including TOGAF, SABSA, MITRE Atlas, NIST RMF, ISO 27001, ISM, and ASD Essential 8
  • Tertiary qualification in IT, Computing, or Engineering, with highly regarded certifications such as CISSP, AWS Security Specialty, Microsoft AZ-500, or Microsoft SC-100
Job Responsibility
Job Responsibility
  • Architect and implement modern identity and access management (IAM) models leveraging Entra ID, Ping Identity, and auxiliary technologies
  • Deliver secure solution architecture artefacts (such as SAR, SOAP, and NFRs) tailored for identity portfolio epics
  • Design and enforce robust network validation and enterprise authentication policies, including SSO, MFA, Conditional Access, and Passwordless Authentication
  • Lead enterprise migrations involving legacy infrastructure upgrades, Exchange transitions, and broad application onboarding to Entra ID
  • Govern and design solutions for Privileged Identity Management (PIM) and Privileged Access Management (PAM) to secure elevated credentials
  • Automate identity lifecycle processes (Joiner-Mover-Leaver) and configure rigid RBAC models and compliance access reviews
  • Define the secure implementation strategy and construct security controls aligned with Microsoft Azure and M365 E5 Security Services
  • Architect and implement SecOps solutions using Microsoft Defender, Microsoft Sentinel, Unified SecOps Platform, Microsoft Security Copilot, and Splunk ES/SOAR
  • Deliver end-to-end solution architectures and architecture documentation for assigned SecOps portfolio epics
  • Integrate and optimize Azure Sentinel to advance threat detection capabilities, incident response mechanisms, and AI security defense analytics
!
Read More
Arrow Right