CNAPP Platform Operations

Aggregate function:  Technology
Business Area:  GT Global Cyber Security
Posting Country:  Portugal
Date Posted:  1 Jul 2026
Full Time / Part Time:  Full Time
Contract Type:  Permanent

At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this. 

We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.

With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Join Us

At Vodafone, we’re not just shaping the future of connectivity for our customers – we’re shaping the future for everyone who joins our team. When you work with us, you’re part of a global mission to connect people, solve complex challenges, and create a sustainable and more inclusive world. If you want to grow your career whilst finding the perfect balance between work and life, Vodafone offers the opportunities to help you belong and make a real impact.

Global Cyber Security’s role is to inspire trust and confidence in our customers by enabling secure connectivity.  Our purpose is to proactively protect Vodafone & its customers by reducing the risks posed by security threats to Vodafone’s global technology infrastructure and the sensitive data it holds.   

As the CNAPP Platform Operations lead/practitioner, you will own the day-to-day operation, stability and continuous improvement of Vodafone’s Cloud-Native Application Protection Platform (CNAPP). You will ensure robust RBAC and identity governance, reliable integration across cloud environments and CI/CD toolchains, that findings are triaged and routed effectively, and that policies and controls are implemented in a pragmatic way that reduces risk without blocking delivery. You will collaborate closely with Cloud Security, Engineering, DevSecOps, SOC and Product teams to embed CNAPP into ways of working and to drive measurable improvements in cloud security posture. 

What you’ll do

  • Own CNAPP run operations: monitoring, health checks, incident management, vendor escalation and release/change planning;
  • Manage CNAPP as a service: define support model (L2/L3), operational processes, service backlog and continuous improvement cadence;
  • Maintain platform configuration, guardrails and standards across the cloud estate;
  • Design and operate CNAPP RBAC aligned to Vodafone’s security model, ensuring least privilege and clear separation of duties;
  • Define and manage role definitions, permission sets and administrative boundaries (e.g., Platform Admin vs Security Analyst vs Engineering Viewer);
  • Implement and maintain SSO and identity integration with the corporate IdP (e.g., Entra ID/Azure AD), including MFA, conditional access and lifecycle controls;
  • Own the joiner/mover/leaver process for CNAPP access: provisioning, periodic access reviews, recertification and removal;
  • Manage service accounts/API tokens used for CNAPP connectors and automations, ensuring secure storage, rotation, and auditability;
  • Drive governance for break-glass access and privileged actions: approvals, logging, and post-event review;
  • Ensure CNAPP audit trails and identity events are captured and forwarded where required (e.g., SIEM), supporting investigation and compliance;
  • Coordinate onboarding of new subscriptions/accounts/projects with correct connectors, permissions and data flows;
  • Build/maintain integrations with identity, logging and workflow tooling (SSO/IdP, SIEM, ITSM ticketing, collaboration channels);
  • Support integration into engineering toolchains (repos, CI/CD, container registries, IaC scanning, image scanning) where in scope;
  • Act as the operational point of contact for engineers and LM stakeholders using CNAPP;
  • Maintain operational documentation (runbooks, onboarding guides, RBAC model, access request flows, troubleshooting);
  • Deliver enablement on secure onboarding, identity hygiene and best practice use of CNAPP. 

Who you are

  • Bachelor/Master Degree in Computer Science or related field;
  • Proven experience operating a cloud security platform (CNAPP/CSPM/CWPP/CIEM/Vulnerability tooling) in a production enterprise environment;
  • Strong understanding of RBAC, privileged access management concepts, and identity lifecycle processes (JML, recertification, access reviews);
  • Hands-on experience integrating platforms with enterprise SSO/IdP and enforcing controls such as MFA and conditional access;
  • Strong understanding of cloud security fundamentals: identity and access, network exposure, vulnerability management, container/Kubernetes concepts, cloud configuration controls;
  • Experience integrating security tooling into enterprise ecosystems (SIEM, ITSM, CI/CD pipelines, repos, ticketing and collaboration tools);
  • Ability to translate risk findings into actionable remediation; confident influencing engineering and operational teams;
  • Operational capability: incident/problem management, change/release coordination, platform monitoring and vendor management;
  • Strong stakeholder management and clear communication; comfortable producing concise updates for senior audiences;
  • Experience with Wiz (or similar CNAPP tooling such as Prisma Cloud, Orca, Lacework, Defender for Cloud);
  • CIEM/identity posture experience (entitlement analysis, excessive privilege detection, least privilege programmes);
  • Automation/scripting (Python/PowerShell) and API-based integrations;
  • Familiarity with governance frameworks (CIS, NIST, ISO 27001) and mapping controls into platform policy;
  • Experience operating in a federated / multi-market environment;
  • Fluency in English.

Not a perfect fit?

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about empowering people and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to still apply as you may be the right candidate for this role or another opportunity.

What's in it for you

  • Hybrid Work Model - Flexible hybrid work model with 8-10 in-office days per month, managed by team leaders;
  • Vodafone Products and Services - Employees get a mobile phone, free communication plan, data card, and various discounts on services and products;
  • Recognition - Recognition programs for innovative, creative, high-potential employees and exemplary behaviors;
  • Health and Well-being - Well-being Program offers nutrition and psychological consultations, webinars, workshops, and discounts on various services and products;
  • Learning - Access to Communities of Practice and a customizable digital training platform with high-quality content (namely Harvard Business Publishing, Skillsoft and Speexx);
  • Local and International Mobility - Internal recruitment with local and international rotation opportunities across departments and roles

Who we are

We are a leading international Telco, serving millions of customers. At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live and we protect the planet, whilst helping our customers do the same.

Belonging at Vodafone isn't a concept; it's lived, breathed, and cultivated through everything we do. You'll be part of a global and diverse community, with many different minds, abilities, backgrounds and cultures. ;We're committed to increase diversity, ensure equal representation, and make Vodafone a place everyone feels safe, valued and included.

If you require any reasonable adjustments or have an accessibility request as part of your recruitment journey, for example, extended time or breaks in between online assessments, please refer to https://careers.vodafone.com/application-adjustments/ for guidance.

Together we can.

Vodafone is committed to attracting, developing and retaining the very best people by offering a motivating and inclusive workplace in which talent is truly recognised and rewarded. We are committed to promoting Inclusion for All with the belief that diversity plays an important role in the success of our business. We actively encourage everyone to consider becoming a part of our journey.