Why this job matters
BT Group’s brand, reputation and ability to serve its customers and grow its business is founded on a strong security posture and ability to defend against harm and minimise risk. You are responsible for the implementation and operational delivery of an intelligence led Security Operations Centre (virtual) as defined by the Cyber Security Mission Strategy that will defend BT globally from Cyber adversaries.
Growing on a daily basis we see more sophisticated threat actors (often nation states) developing their tactics to new heights and targeting our industry, the Protect BT Group Cyber Operations and Intelligence team will be a key part BT Group and the UK critical networks safe.
BT Group’s Cyber Operations and Intelligence leverage threat intelligence, predictive analytics, automation and proactive lessons learned through exercising, to ensure BT Group is equipped to meet the continually evolving threat landscape in an agile, ambitious, proactive and financially astute manner.
The team are responsible for defining and triaging intelligence from BT Groups range of sources and partners, and determining the potential risk and impact to the BT. With the threat-led strategy the cyber security specialists will conduct a range of proactive discovery, threat hunting and reactive monitoring of security tooling to investigate signs of potential malicious activities and carry out any remediation actions within the guidance of incident and problem management to ensure BT remains secure and online.
Working along side our partners within NCSC and other Telecommunications providers we will be developing our Strategic and Operational collaboration working groups to best use BT’s ringside seat to establish targeted bilateral intelligence-sharing relationships with similarly capable Global peers.
This role is hybrid & requires 3 days in the office, choice of Bristol or Ipswich
SC Clearance eligibility is advantageous
What you’ll be doing
* Responsible for ensuring BT is defended against threat attack vectors, actors and their tactics, techniques and procedures (TTPs).
* Contribute towards security investigations working as part of a team to carry out evidentially sound cyber security investigations and risk procedures.
* Contribute towards developing discovery strategies across TTP sector to identify and mitigate risk.
* Supports in documentation development and maintenance of Cyber Ops doc forum processes.
* Participates with security collaboration within BT as well as with our external security partners.
* Support and maintain the ISO27001 certificate for Protect BT that is in scope of the BT Business Support certificate LRQ0962885.
* Contributes to overall effectiveness of the Cyber operation to minimise the impact of cyber incidents to BT
* Responsible for device ownership discovery where inventory information is missing or insufficient.
* Supports any continual improvement projects for Cyber Discovery’s capability to operationally exploit tools and data to better Protect BT, its business and reputation.
* Contribute to Cyber Security SOC Area to ensure that the PBT Cyber Operations is effective, agile and responsive and that people, processes and technology are enabled to go beyond limits.
* Responsible for working across PBT to effectively manage cyber security issues and incidents.
* Supporting in identification and tracking of critical vulnerabilities.
* Use opensource tooling to identify and reduce risk to BT.
Skills Required for the Role
* Calm & Decisive under pressure: effective at driving calm and effective response to cyber security issues
* Communication, Visual & Written skills: Very strong communication, visual & written skills.
* Technical mindset/development: have an understanding of Mitre ATT&CK Framework, and be focusing on learning to build understanding.
* Growth mindset wanting to learn and develop new skills and continue on a pathway to become a Cyber Security Specialist.
* Project Management ability to work as part of a team to manage a project and related actions.
* Decision making be able to work as part of a team and carry out actions from projects to input in to decisions
* Influencing skills: Ability to contribute towards details to help with influence decisions to be made.
* Building External Relationships: work as part of BT sec ops to build partner relationships with other SOCs (peers, customers and vendors) and National Cyber Security Centre operations.
Experience Required for the Role
* Practical knowledge and experience of day to day Cyber security operations.
* Excellent technical credentials, able to play a leading part in technically capable high performing and motivated teams.
* Experienced in handling Cyber security threats and incidents.
* Fully conversant with MITRE ATT&CK and its utilisation for SOC and Cyber security.
* Typically qualified to degree level, or equivalent professional experience.
* Understanding of open source security tooling and information available on the internet.
* Understanding of asset discovery processes and tooling.
* Scripting and automation knowledge.
Benefits
At BT, we entertain, educate, and empower millions of people every single day. We’re a brand built on connecting people – whether that’s friends, family, businesses, or communities. Working here, you’ll receive an attractive salary and a range of competitive benefits, but – more than that – you’ll be joining an ambitious organisation with a culture of togetherness, collaboration, and inclusivity, that takes a genuine and proactive interest in your progress and development.
* Competitive salary
* 10% on target bonus
* BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%
* 25 days annual leave (not including bank holidays), increasing with service
* Huge range of flexible benefits including cycle to work, healthcare, season ticket loan
* World-class training and development opportunities
* Option to join BT Shares Saving schemes.
* Discounted broadband, mobile and TV packages
* Access to 100’s of retail discounts including the BT shop
About us
BT is part of BT Group, along with EE, Openreach, and Plusnet.
Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding.
We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development.
This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.
A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us.
DON'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.