Cyber Security Ops. Professional
Building 31, Budapest, Hungary
BT Group
From Ultra Fast Full Fibre broadband to TV & Mobile, BT helps UK families, communities & companies reach their potential. Find more BT products here.
Why BT?
We’ve always been an organisation with purpose; to use the power of communications to make a better world. You can trace this back to our beginning as pioneers of the world’s first telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.
Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large scale technology infrastructure like the creation of BT Sport.
Today in this fast changing, always on, digital world our purpose remains true. Yet the market conditions, regulation and competition we face are tougher than ever before. So if you have the drive, optimism and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future.
Why Security
Our purpose is to use the power of communication to make a better world. For each other, for our customers, for society and our communities.
Security incidents carry financial cost and can impact our brand and reputation. Proactively preventing, detecting and responding to incidents allows BT to reduce risk to the business and our customers. Any large organisation needs a centralised facility responsible for every aspect of Security, hardening the business posture from attack. Your role places real value in finding and adapting ways to protect and support our people, customers & communities.
Why this job matters
The Cyber Security Operations team’s goal is to detect, analyse, and respond to cybersecurity incidents using a combination of cutting edge technology and a strong set of processes. Cyber Security Operations staff work across the organisation, typically with incident response teams to ensure security issues are addressed quickly upon discovery. OT security is the practice of protecting the systems, networks, devices, and data that are used to operate or automate industrial processes, such as manufacturing, energy, transportation, and critical infrastructure. The roles of OT security include ensuring the safety, reliability, and efficiency of critical services and functions that affect the economy, environment, and public health.
The OT Cyber Security Professional (L1) forms the first level of monitoring in the Security Operations Centre. In this role you will monitor and respond to security events and incidents from managed customer security systems as part of a team. The role consists of monitoring real-time events and incidents from our customers, keeping abreast of intelligence from the IT/OT security community (and government/law-enforcement) or other industry sources, and operating 24/7/365 within our Cyber Security Operations Centre (SOC). Shift work will be required to cover 24x7 operations.
What I’ll be doing – your accountabilities
• As a member of the Cyber Security Operations team you will respond to immediate security threats on BT and commercial networks across the globe.
• Responsible for working in a 24x7 Cyber Security Operation Centre environment.
• The Cyber Security Operations team’s goal is to detect, analyse, and respond to OT cybersecurity incidents using a combination of cutting-edge technology and a strong set of processes.
• Cyber Security Operations staff work across the organisation, typically with incident response teams to ensure security issues are addressed quickly upon discovery. Monitor, analyse and defend against malicious or unusual activity that could be indicative of a security incident or compromise.
• Support elements of the Investigation and resolution as required and where necessary report incidents involving potential or actual breaches of protective security compliance.
• Support the operational relationships with specific customers, suppliers and stakeholders, including all Third Parties and joint ventures ensuring the cost-effective provision of a professional Security service.
• Support and maintain the ISO27001 certificate for the CySOC
Skills required for the job
• A basic understanding of the OT cybersecurity landscape, including emerging risks and security solutions.
• Knowledge of OT security concepts, Purdue Model and security that is associated with each layer.
• Knowledge of the TCP/IP protocol suite, DHCP, DNS, LAN/WAN, and Operating System concepts.
• Knowledge of the OSI model and security that is associated with each layer.
• Basic network security knowledge to include remote access, DMZ architecture, network monitoring, intrusion detection, and web server security.
• Basic knowledge of security logging tools (log management, SIEM, Advance Security Anomalies Systems)
• Awareness of Threat intelligence. Utilising threat intelligence to make informed decisions to minimise harm to our business and customers.
• Knowledge of at least one security methodology such as MITRE ATT&CK Framework.
• Ability to multi-task, prioritize, and manage time effectively.
• Strong ability to follow documented processes.
• Relevant experience of stakeholder management and good interpersonal skills.
Connected leaders behaviours
Inspiring Communicator – You create inspiring messages for stakeholders and teams, linking and explaining programmes of activity and work.
Collaborative Partner – You build networks inside and outside of the business with stakeholders who share in the business unit agenda, removing barriers to collaboration.
Solution Focused Achiever – You translate strategy into ambitious goals, outcomes and timelines. You provide solutions to complexity.
Experience you would be expected to have
• Relevant operational experience, ideally within a Security or Network Operations Centre
• Relevant experience in analysis & interpretation of data into useable and actionable information/intelligence
• Relevant operational knowledge and experience of risk and incident management
• Relevant experience with operational technology/ industrial control systems
• Knowledge of Security management, information security and threat intelligence – experience in the following is desirable: SIEM technologies, network security, malware defence and remediation
• Understanding of threat, offenses, incident detection & response.
• Effective communication, including verbal, report writing & presentation skills
• Experience in problem solving
• Business acumen and understanding of operational performance
About us
BT is part of BT Group, along with EE, Openreach, and Plusnet.
Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding.
We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development.
This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.
A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us.
DON'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.
Tags: Compliance CSOC DNS Incident response Industrial Intrusion detection ISO 27001 Malware MITRE ATT&CK Monitoring NetOps Network security SIEM SOC Strategy TCP/IP Threat intelligence
Perks/benefits: Career development Team events