CNAPP Platform Engineer

Aggregate function:  Technology
Business Area:  GT Global Cyber Security
Posting Country:  Portugal
Date Posted:  1 Jul 2026
Full Time / Part Time:  Full Time
Contract Type:  Permanent

At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this. 

We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.

With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Join Us

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

Global Cyber Security’s role is to inspire trust and confidence in our customers by enabling secure connectivity.  Our purpose is to proactively protect Vodafone & its customers by reducing the risks posed by security threats to Vodafone’s global technology infrastructure and the sensitive data it holds.   

Responsible for leading the design, integration, and optimisation of CNAPP capabilities focused on cloud posture, workload protection and cloud identity risk across hybrid and multicloud environments. Acts as a technical leader and strategic advisor to cloud and platform teams, embedding security guardrails and automated controls to improve cloud security posture at scale. 

What you’ll do

  • Technical owner for CNAPP, including onboarding, configuration, policy management, optimisation, and daytoday engineering support;
  • Build and maintain cloud posture policies (CSPM) and runtime/workload protection policies (CWPP) for VMs, containers and Kubernetes;
  • Integrate CNAPP findings into operational workflows (ticketing, reporting, dashboards) and drive actionable remediation;
  • Drive cloud security guardrails, standards and reference patterns (landing zones, logging/monitoring, encryption, network segmentation, secrets handling);
  • Partner with cloud engineering/SRE teams to design scalable controls using automation and policyascode (where applicable), reducing manual effort and improving consistency;
  • Design and operate CNAPP RBAC aligned to least privilege and separation of duties (admin, security analyst, engineering viewer, etc.);
  • Integrate CNAPP with corporate SSO/IdP and enforce strong access controls (MFA/Conditional Access where applicable);
  • Improve identity security posture by identifying and driving remediation for overprivileged roles, risky permissions and exposed credentials (in collaboration with IAM/Cloud teams);
  • Drive vulnerability management strategy across cloud workloads and container layers using riskbased prioritisation and exposure context;
  • Partner with cloud/platform teams to reduce MTTR and improve vulnerability posture, focusing on highimpact systemic fixes;
  • Collaborate with cloud engineering, infrastructure, application teams and security to align on priorities and integrate CNAPP into governance;
  • Define KPIs (coverage, policy compliance, critical exposure reduction, vulnerability ageing) and lead continuous improvement initiatives;
  • Act as escalation point for complex cloud security and platform integration challenges. 

Who you are

  • Degree in Computer Science / Information Systems (or equivalent experience);
  • 3+ years’ experience in Cloud Security / CNAPP / DevSecOps or related domains, operating security platforms at scale;
  • Handson experience administering and optimising CNAPP platforms (e.g., Wiz, Prisma Cloud or equivalent);
  • Strong cloud security knowledge across AWS/Azure/GCP, including containers/Kubernetes security and cloud configuration controls;
  • Experience with CSPM, CIEM, CWPP, KSPM and Container Security;
  • Security automation scripting, and API integrations to enable scalable controls;
  • Strong stakeholder partnering and ability to influence adoption without direct authority;Exposure to Wiz / Prisma Cloud / Rapid7 (or equivalent CNAPP tooling) and vulnerability tooling;
  • Security certifications (e.g., CISSP, CCSP) and/or relevant cloud certifications;
  • Security certifications preferred (e.g., CISSP, CCSP, CSSLP, GWAPT, GCSA);
  • Fluency in English.

Not a perfect fit?

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity.

What's in it for you

  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders;
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products;
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors;
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products;
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing, Skillsoft and Speexx);
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles.

Who we are

We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.

Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance.

Together we can.

Vodafone is committed to attracting, developing and retaining the very best people by offering a motivating and inclusive workplace in which talent is truly recognised and rewarded. We are committed to promoting Inclusion for All with the belief that diversity plays an important role in the success of our business. We actively encourage everyone to consider becoming a part of our journey.