SOAR Developer

Job Title: SOAR Developer
Location: Newbury
 

Role Purpose

Cyber Defence Operations (CDO) is Vodafone Group’s Cyber Defence Operations Centre of Excellence. CDO’s mission is to protect Vodafone customers against global cyber risk.  CDO is specifically accountable for delivering:

• Cyber Defence operational leadership across Vodafone.
• Cyber Defence operational capabilities to Vodafone Group, the Local Market Operating Companies, and Partner Markets to enhance Vodafone’s global cyber defence posture and reduce its cyber risk.

Soar Developer works in the Cyber Security Operations team. This role is at the heart of the CDO team and a Soar Developer can expect to be involved concurrently in several of the following areas:

• Work closely with security analysts and engineers to detect and address security gaps by implementing automation workflows that enhance security operations.
• Evaluate and enhance CSOC workflows and processes by integrating automation through SOAR tools and technologies. 
• Deploy CSOC automation and ensure compatibility with existing detection and response tools. 
• Create and implement custom scripts to automate current detection and response workflows. 
• Operate and refine the CSOC playbook and workflow automations.

SOAR Developer will be expected to operate to a high established standard while maintaining the ability to make quick independent decisions. This role requires the ability to build strong relationships across the Vodafone security community.

What you’ll do

Key accountabilities and decision ownership: 

Soar Development – take part in and drive continual creation and refinement of automation playbooks within the Vodafone SOAR infrastructure to improve Cyber Security Operations efficiency and effectiveness. This would include responsibilities such as the following:

• Requirement Analysis – Collaborating with stakeholders to gather and analyse requirements for the Soar and translating them into actionable development tasks.
• Risk Management – Identifying potential risks and challenges in Soar development projects alongside implementing strategies to mitigate them.
• Vendor Management – Collaborating with external vendors or partners when necessary for tool integration, support or other aspects of Soar development. 
• Stakeholder communication – Acting as a liaison between the development team and stakeholders, providing regular updates on project progress, milestones and challenges.
• Expert at evaluating and making use of multiple data sources to build playbooks across multiple platforms and technologies.
• Utilise Soar to facilitate metrics collection, analysis and reporting.
• Create and maintain Soar documentation.
• Effectively collaborate with colleagues and counterparts internally and externally
• Working at a strategic level

Who you are

Core competencies, knowledge and experience:
Able to demonstrate experience of:

• Strong understanding of security concepts and practices, along with proficiency in programming languages such as Python, JavaScript or others commonly utilised in Soar development.
• In-depth knowledge and extensive hands-on experience with Soar platforms such as Splunk Phantom, Siemplify, IBM Resilient or similar tools.
• Knowledge of advanced threat detection and response methodologies alongside tools such as SIEM and Soar. 
• Comprehensive understanding of cybersecurity principles including security operations, incident response and threat intelligence. 
• Strong analytical and problem-solving skills to identify and address complex technical challenges in Soar solution development.
• Excellent familiarity with standard security frameworks such as MITRE, cyber kill chain and APT campaign strategies.
• Proven ability to work efficiently in fast-paced work environment and manage multiple priorities simultaneously. 
• Good interpersonal and communication skills, works effectively as a team player and the ability to communicate technical information to a non-technical audience.
• Clear demonstration of the Vodafone Spirit behaviours.
• Relevant experience within cyber security.
• Experience of working in a broad range of roles either inside or outside of Vodafone.
   

What's in it for you

Discretionary yearly bonus: 10%
Annual leave: 28 days + bank holidays + the opportunity to buy/sell/carry over 5 days/year
Charity days: 5 days/year
Maternity leave: 52 weeks out of which 39 weeks are fully paid + 13 weeks half pay and 6 months - working 4 days, getting paid 5
Private pension: You can contribute up to 5% of your basic pay with 2:1 matching from Vodafone up to 10%.
Access to: private medical, private dental, free health assessments, share save scheme
Additional discounts: Vodafone retail, gym, cinema, cycle to work, season ticket loan

Who we are

You may have already heard of Vodafone - We're a leading Telecommunications company in Europe and Africa. But what you might not know is that we are continuously investing in new technologies to improve the lives of millions of customers, businesses and people around the world, creating a better future for everyone.

As part of our global family, whether that's Vodafone, Vodacom or _VOIS, you'll feel a sense of pride and purpose as you contribute to our culture of innovation. We pursue equality of opportunity and inclusion for all candidates through our employment policies and practices. We recognise and celebrate the importance of diversity and inclusivity in our workspace and we do not tolerate any form of discrimination especially related to but not limited to race, colour, age, veteran status, gender identification, sexual orientation, pregnancy, ethnicity, disability, religion, political affiliation, trade union membership, nationality, indigenous status, medical condition, HIV status, social origin, cultural background, social, or marital status.

Together we can.

#TogetherWeCan #GroupResourcing #GroupTalentAcquisition #WeAreHiring #JoinOurTeam #LI-hybrid