Cyber Security Professional - Spain Operations
Madrid, Spain
BT Group
From Ultra Fast Full Fibre broadband to TV & Mobile, BT helps UK families, communities & companies reach their potential. Find more BT products here.
BT is one of the world's leading communications services companies which provides communications services solutions, serving customers in more than 180 countries. The services we sell are integral to modern life. Our purpose is as simple as it is ambitious: to use the power of communications to make a better world. Join our Cybersecurity team as a cybersecurity analyst to be incorporated in our 24/7 service!
Security isn’t always the first thing that comes to mind when you think of BT, but when it comes to keeping everyone safely connected, We Are The Protectors. We deal with thousands of cyber-attacks every day, so that millions of people can safely go about their daily lives and run their businesses. We deliver vital work at scale, with real breadth and impact. We connect for good.
This is an opportunity to play your part and protect our company, our customers and our communities from cyberattack. Be part of a dedicated team and get ready to be challenged every day to make the most of your skills and experience. You’ll learn from those around you, and from outstanding training and development resources to become even better at what you do. With the best technology at your fingertips, you'll be part of a friendly and flexible working environment where your contribution is always valued.
We offer:
- A place to work comfortably as a team
- Initial and continuous training to keep up to date in the world of cybersecurity
- A company and area in growth and continuous renewal
- Job security
Responsibilites for the role:
This role is based in Blue Team activities;
- Manage Complete Security Incidents Process for Detection, Analysis, Response and Remediation
- Monitoring and set the correspondence category of every Incident Security identifying True Positives and False Positives based in correspondent Use Cases in production
Manage all the incident phases:
- Initial event investigation
- Basic triage activities - Interaction and communication with customer in all the investigation steps through ticketing systems
- Responsible for compliance with the SLAs defined by every client
- Follow all the processes and internal documentation available to ensure the quality parameters defined
- Detect when it is necessary to apply (and apply) the escalation processes defined for each service
- Initiative and anticipation to report improvements or lack of processes detected while performing duties (documentation, UC adjustments, etc.)
- Must ensure progressively improvement of skills and dynamism to manage the systems and tools demanded for delivery of services
Knowledge needed
- Computer systems
- Basic malware knowledge
- MITRE ATT&CK
- Websites, apps and tools used in companies
- Basic Security System knowledge
- Medium-high level of written and spoken English
Minimum requirements
- Minimum of 1 year's experience in Cybersecurity center (SOC) or equivalent handling security Incidents and Investigations
- Basic knowledge of security systems, networking and internet protocols, (Firewall, Proxy, IDS/IPS, VPN…)
- Demonstrated knowledge in blue team activities
- Demonstrated knowledge in tools & technologies like:
- SIEM systems (Qradar, Splunk, MS Sentinel, LogRhythm…)
- EDR solutions (CrowdStrike, MS Defender, Trendmicro…)
- Phishing Analysis
- Knowledge of SOAR and Ticketing tools (Xsoar, Chronicle, Service Now, Jira, Remedy…)
- Other valuable capabilities:
-
- Analysis capacity
- Resolute person
- Quick response to incidents
- Teamwork
- Continuous learning ability
Valuable requirements
- CompTIA Security +
- CompTIA CySA+
- Other cybersecurity courses/certs
- Participation in CTFs & CONs
- ITIL knowledge
A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
DON'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Blue team Compliance CompTIA CrowdStrike EDR Firewalls IDS IPS ITIL Jira LogRhythm Malware MITRE ATT&CK Monitoring QRadar Sentinel SIEM SLAs SOAR SOC Splunk VPN XSOAR
Perks/benefits: Career development Flex hours Startup environment Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.