Why this job matters
BT Group is one of the most critical of all UK Critical National Infrastructure.
Our job is simple - defend it from Cyber Attack.
Your role at BT is pivotal in helping us achieve this. You will have access to an unparalleled level of data and security tooling to help us achieve our goal of being the world's most trusted connector of people, devices and machine by 2030.
This role follows hybrid working & requires 3 days in the office - choice of Bristol, Ipswich or Manchester
What you'll be doing
1. Conduct proactive threat hunting activities to identify and mitigate potential security threats, aligning with the MITRE ATT&CK Framework.
2. Analyse and interpret security data from various sources, including logs, network traffic, and endpoint data.
3. Develop and implement advanced threat detection techniques and tools.
4. Collaborate with the incident response team to investigate and respond to security incidents.
5. Create and maintain detailed documentation of threat hunting activities and findings.
6. Stay up-to-date with the latest threat intelligence and cybersecurity trends.
7. Provide recommendations for improving security posture and threat detection capabilities.
8. Lead an intelligence-led vulnerability management process.
9. Act as CTI SME within a wide range of Security engagements.
10. Lead collaboration activities with internal teams to enhance understanding of potential adversaries and attack vectors.
11. Deliver verbal presentations and threat briefs to internal and external stakeholders.
12. Manage relationships within the wider Information Security community, representing BT to ensure impactful collaboration.
13. Oversee vendor relationships to ensure effective integration and usage of vendor platforms.
Skills & Experience Required for the Role
Must Have
* Proven experience in threat hunting, incident response, malware analysis or a similar role.
* Holds current relevant professional qualifications in Threat Hunting and/or Information Security (e.g., CEH, GCIH, GCFA) or willing to work towards.
* Strong knowledge of cybersecurity principles, threat landscapes, and attack vectors.
* Experience with Crowdstrike and Microsoft Defender hunting methodologies.
* Familiarity with the MITRE ATT&CK framework.
* Knowledge of security tools and technologies such as SIEM, EDR, and IDS/IPS.
* Excellent analytical and problem-solving skills.
* Strong oral and written communication skills.
* Proactive Team Player.
* Demonstrable experience of operational delivery in a fast-paced security environment.
* Knowledge of current security threats, threat models, frameworks, and common mitigations.
* Effective people skills.
Nice to Have
* Experience of intelligence-led vulnerability management processes.
* Experience with vulnerability management.
* Experience with scripting and automation (e.g., Python, PowerShell).
* Experience within another Telecommunications/CNI environment.
* Good written reporting skills.
* Management/Leadership experience.
* Network analysis skills.
About us
BT Group was the world's first telco and our heritage in the sector is unrivalled. As home to several of the UK's most recognised and cherished brands - BT, EE, Openreach and Plusnet, we have always played a critical role in creating the future. Over the next two years, we will complete the UK's largest and most successful digital infrastructure project - connecting more than 25 million premises to full fibre broadband. Together with our heavy investment in 5G, we play a central role in revolutionising how people connect with each other.
While we are through the most capital-intensive phase of our fibre investment, we are focused on how we organise ourselves to serve our customers in the years to come. This includes radical simplification of systems, structures, and processes on a huge scale. Together with our application of AI and technology, we are creating the UK's best telco, reimagining customer experience and relationships.
A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you're a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us.
DON'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement, please apply anyway. #J-18808-Ljbffr