Client:
BT Group
Location:
Bristol, United Kingdom
Job Category:
Other
EU work permit required:
Yes
Job Reference:
2ea8a0fa5173
Job Views:
4
Posted:
16.03.2025
Expiry Date:
30.04.2025
Job Description:
What you’ll be doing:
* Responsible for ensuring BT is defended against threat attack vectors, actors and their tactics, techniques and procedures (TTPs).
* Responsible for developing threat hunting and discovery strategies across TTP sector to identify and mitigate risk.
* To be a key contributor, advocate and driver in developing PBT operational capability across TTP sector.
* To deliver rapid, comprehensive and evidentially sound cyber security investigations, you will execute activities including incident response, security monitoring, threat hunting, security analytics and reporting to a high standard.
* Responsible for proportionate decision making and thorough documentation of actions completed on investigations, actions undertaken and decisions made on the appropriate case management system.
* Responsible for leading cross working within PBT to effectively manage cyber security issues and incidents.
* Responsible for collaboration within BT as well as with our external security partners, leading with vendors/3rd parties (NCSC) and Sec Ops councils.
* Accountable for contribution to security operations metrics working within teams and towards exec level metrics.
* Support and maintain the ISO27001 certificate for Protect BT that is in scope of the BT Business Support certificate LRQ0962885.
* Ensures the effectiveness of the Cyber operation to minimise the impact of cyber incidents to BT.
* Drive continual improvement of BT's capability to operationally exploit tools and data to better Protect BT, its business and reputation.
* Contribute to Cyber Security SOC Area to ensure that the PBT Cyber Operations is effective, agile and responsive and that people, processes and technology are enabled to go beyond limits.
* Potentially working as part of an on-call rota.
* Mentor and develop the security professionals within the team to grow and improve the whole team knowledge and skillset.
* Deputises for Area Manager where required.
Skills Required for the Role:
* Calm & Decisive under pressure: effective at driving calm and effective response to cyber security issues.
* Technical Excellence: Industry leading technical expertise within intrusion detection, knowledge of MITRE ATT&CK Framework TTPs, and able to carry out data analysis tasks independently.
* Security Technology: experience working with EDR/SIEM solutions, creating threat detection rules focusing on CrowdStrike Falcon, query/advanced threat hunting searches and developing automation with workflows and other automation.
* Solutions: experienced with cloud-based solutions such as Azure Sentinel and Amazon Web Services.
* Growth mindset: wanting to learn and develop new skills and continue to build as a Cyber Security Specialist.
* Leadership: be able to lead by example and provide guidance to junior members and develop our cyber professionals, and during investigations build strong team inclusion.
* Influencing skills: Ability to persuade, influence and motivate others, with the right sense of urgency, without having formal authority.
* Decision making: be able to independently make sound decisions based on actions from projects or working groups.
* Project Management: ability to coordinate and champion a team to manage a project and related actions.
* Escalation management: able to work towards set SLAs and proactively escalate when potential blockers are found.
* Building External Relationships: partner relationships with other SOCs (peers, customers and vendors) and National Cyber Security Centre operations.
* Stakeholder management: able to communicate with all levels and build relationships with customers.
* Familiarisation with legal frameworks and relevant BT policies governing specialist cyber investigation techniques and evidential standards, understanding how to seek appropriate advice.
Experience Required for the Role:
* Practical knowledge and experience of day-to-day Cyber security operations.
* Understanding of networking principles.
* Excellent technical credentials, able to play a leading part in technically capable high performing and motivated teams.
* Experienced in handling Cyber security threats and incidents and vulnerabilities.
* Experience in engaging senior stakeholders from Senior Manager to Director levels.
* Experience in using CrowdStrike Falcon for alert triage, threat hunting, and incident response (including real-time response) and IOC/IOA exclusions.
* Completed FHT 201/202 Responder and/or hunting certifications within Falcon.
* Experience of working as part of an on-call rota providing 24/7 support for 1st line teams.
* Fully conversant with MITRE ATT&CK and its utilisation for SOC and Cyber security.
* Typically qualified to degree level, or equivalent professional experience.
* Member of a professional body and/or with industry recognised qualifications, e.g. BCS, CISSP, CISM, IET etc.
At BT, we entertain, educate, and empower millions of people every single day. We’re a brand built on connecting people – whether that’s friends, family, businesses, or communities. Working here, you’ll receive an attractive salary and a range of competitive benefits, but – more than that – you’ll be joining an ambitious organisation with a culture of togetherness, collaboration, and inclusivity, that takes a genuine and proactive interest in your progress and development.
* 10% on target bonus
* 25 days annual leave (not including bank holidays), increasing with service.
* Huge range of flexible benefits including cycle to work, healthcare, season ticket loan.
* World-class training and development opportunities.
* Option to join BT Shares Saving schemes.
* Discounted broadband, mobile and TV packages.
* Access to 100s of retail discounts including the BT shop.