SIEM Software Engineer Lead
Snowhill, Birmingham, United Kingdom
BT Group
From Ultra Fast Full Fibre broadband to TV & Mobile, BT helps UK families, communities & companies reach their potential. Find more BT products here.
Why this job matters
The new Network SIEM is essential to BT’s network security, meeting TSA requirements and improving our CAF level. As the SIEM Software Engineer Lead, you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the SIEM Software Engineering Team, leading the Automation strategy and the in-life Automation team.
This role can be based in any of the following locations and follows hybrid working: Birmingham, Ipswich, Belfast
What you’ll be doing
- Kubernetes DevOps/SysOps Engineering managing Kubernetes clusters and container orchestration, automating deployment, scaling, and management of containerized applications.
- Implement best practices for Kubernetes configuration and security.
- Work with log Collection Tools and Technologies (Beats, Elastic Agent, Logstash), syslog and other data collection protocols
- DevOps/SysOps Engineering collaborating with cross-functional teams (development, operations, and QA) to streamline software delivery and automating deployment pipelines using CI/CD tools
- Troubleshoot issues along the CI/CD pipeline
- Technical leadership working in a high performing team of engineers delivering state of the art security tools for BT.
- Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements.
- Act as product owner, breaking down top level requirements into product backlogs as part of quarterly/sprint planning
- Lead on several complex technical deliverables ensuring work is completed on time and within budget
- To continually develop professional cyber skills and awareness, to always remain ahead of our attackers, and develop the skills of others in the unit
- To own / provide input into development and implementation of operational processes, policies and procedures, including platform and SecOps processes.
- Proactively drive forward continuous improvement within the team
- To be/become a recognized expert in at least one Cyber technology
- Interface with program and project managers to ensure appropriate security architecture engagement as necessary.
- Provide effective technology coaching and mentoring both inside and outside the team.
- Growth mindset and a desire to learn, teach, and improve skills.
- Previous ownership of mission-critical shared infrastructure
Skills Required for the Role
Essential:
- Hands-on experience in installing, configuring, operating, and monitoring CI/CD pipeline tools (particularly big data feed ingestion)
- Experience in Python, JavaScript, Golang.
- Vast working experience on Gitlab CI or GitHub Actions
- Experience in monitoring tools such as Grafana, ELK
- Experience in Agile software development systems and JIRA Tools.
- Experience with containerization technology and orchestration platforms e.g. Docker, Kubernetes
- Understanding IT, network services and security
- Ability to collaborate effectively with others to drive forward key security objectives
- Strong communication skills including presentation and documentation writing (to both technical and business audiences)
- An aptitude for autonomous learning as required by the demands of the business
- Proven problem-solving abilities
- Assertiveness, and the ability to drive through change
- Excellent team working skills including the ability to work effectively within a geographically disparate team
Advantageous:
- SIEM Experience Elastic Stack (ELK)
- Knowledge of Argo, Terraform
- Knowledge of CI/CD tools: Ansible, Circle CI, Jenkins, Parker, Terraform
- Knowledge of Offensive testing frameworks
- Message processing using Kafka, Rabbit MQ
- Knowledge of Linux, Windows and Network Administration
- Knowledge and experience of cloud services (public or private), OpenStack and K8S
- Knowledge of cyber security, such as CISSP, CCSP or SABSA
- Knowledge of Telecoms Security Act (TSA)
- Knowledge of architectural concepts such as microservices, service mesh.
- Strong knowledge of security policy/regulatory frameworks
- At least 3-5 years' experience of cyber security engineering and delivery
Experience Required for the Role
- Bachelor’s/Master’s degree in Computer Science, Information Systems, Engineering, or other related fields
- 3-5 years of CI/CD engineering experience with a different skillset
- Experience in key cyber technologies such as SIEM technologies (Elastic preferred), vulnerability management, access management and other commonly used Enterprise security controls. Ideally from both a development and operational perspective
Benefits
At BT, we entertain, educate, and empower millions of people every single day. We’re a brand built on connecting people – whether that’s friends, family, businesses, or communities. Working here, you’ll receive an attractive salary and a range of competitive benefits, but – more than that – you’ll be joining an ambitious organisation with a culture of togetherness, collaboration, and inclusivity, that takes a genuine and proactive interest in your progress and development.
- Competitive salary
- 10% on target bonus
- BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%
- 25 days annual leave (not including bank holidays), increasing with service
- Huge range of flexible benefits including cycle to work, healthcare, season ticket loan
- World-class training and development opportunities
- Option to join BT Shares Saving schemes.
- Discounted broadband, mobile and TV packages
- Access to 100’s of retail discounts including the BT shop
About us
BT is part of BT Group, along with EE, Openreach, and Plusnet.
Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding.
We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development.
This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.
A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
DON'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.
Tags: Agile Ansible Automation Big Data CCSP CI/CD CISSP Cloud Computer Science DevOps Docker ELK GitHub GitLab Golang Grafana JavaScript Jenkins Jira Kafka Kubernetes Linux Microservices Monitoring Network security OpenStack SecOps SIEM Strategy Terraform Vulnerability management Windows
Perks/benefits: Career development Competitive pay Flex hours Salary bonus