Cyber Security Professional

**About BT**

BT has a key role in British society, fostering change and leading technology innovation. From delivering the Olympics, to supporting the emergency services, to investing more into research than any other UK technology company, we take pride in everything we do - and in the people who work here.

We're now a global company operating at the forefront of the information age, employing 90,000 people in 180 countries. And we're on a mission. Guided by our core values of Personal, Simple and Brilliant our goal is to help customers, communities and businesses overcome barriers and release their potential.

So, if you're interested in the power of potential, why not join us today and release yours? You can read more here about what it's like to work at BT.
- The role- The role holder will be responsible for the in-life delivery of a bespoke 24x7x365 commercial Security Operations Centre capability to a specific customer contract. The role holder will be responsible for the day to day management of the Commercial SOC to contractual SLA’s underpinned by specific KPI’s. She/he will be responsible for various aspects of the Commercial SOC operation including but not limited to:
- 24 x 7 pro-active monitoring for security incidents, 1st line support and reporting within the defined customer SLA
- Management, creation & maintenances of SIEM dashboard
- Developing a communication plan for level 1 and 2 SIEM incident handling
- Incident detection and Analysis, reporting, incident classification, provision of incident report to customer based in systems defined to support the process
- 24 x 7 change management process each according to a well-defined procedure based in the systems defined to support the process.
- Analysis of security rules and policies before they’re implemented.
- 24 x 7 communication customers about Incident Security and Change management according procedures and time scheduled defined in SLAs
- Developing escalations to Security Specialist regarding process defined
- Responsibilities- Responsibilities- As a member of the Cyber Security Monitoring and Response team you will respond to immediate security threats on BT and commercial networks across the globe.- Responsible for working in a 24x7 Security Operation Center (CySOC) environment.- The CySOC team’s goal is to detect, analyse, and respond to cybersecurity incidents using a combination of cutting-edge technology and a strong set of processes.- The CySOC team’s goal is to manage the change security process for simple changes and complex changes based in change catalogue agreed with customer.- Responsible for managing phases of change; Layout, set up and monitor after change.- CySOC staff work across the organisation, typically with incident response teams to ensure security issues are addressed quickly upon discovery. Monitor, analyse and defend against malicious or unusual activity that could be indicative of a security incident or compromise.- Support aspects of the delivery of discrete security services that provide the security infrastructure for customers.- Support elements of the Investigation and resolution as required and where necessary report incidents involving potential or actual breaches of protective security compliance.- Support the operational relationships with specific customers, suppliers and stakeholders, including all Third Parties, joint ventures and OLOs, ensuring the cost-effective provision of a professional Security service.- Requirements- A basic understanding of the cybersecurity landscape, including emerging risks and security solutions.- Knowledge of the TCP/IP protocol suite, DHCP, DNS, LAN/WAN, and Operating System concepts.- Knowledge of the OSI model and security that is associated with each layer.- Basic network security knowledge to include remote access, DMZ architecture, network monitoring, intrusion detection, and web server security.-
- Ability to multi-task, prioritize, and manage time effectively.- Motivated and ambitious to work on their own initiative without needing direction Strong attention to detail.- Relevant experience of stakeholder management and good interpersonal skills.- Relevant operational knowledge and experience of risk management.- Knowledge of Security management, network and information security, people security and running of one or more services within a Security Operations Centre- Basic knowledge of security logging tools (log management, SIEM, Advance Security Anomalies Systems- Threat intelligence - You gather, record and assess information from multiple sources on security threats and reported incidents. You evaluate trends in data to inform decision-making and minimise harm to our business and customers.- Knowledge of security methodologies and processes for: Incident security, Change Management and Secure Communication protocols.- IT and data network experience.- Knowledge of at least one security methodology such as MITRE ATT&CK Framework.- Experience- Re