Cyber Security Operations Centre Analyst

Cheltenham, Cheltenham, United Kingdom

BT Group

From Ultra Fast Full Fibre broadband to TV & Mobile, BT helps UK families, communities & companies reach their potential. Find more BT products here.


Job Title: Cyber Security Operations Centre Analyst

Career Grade: E

Location: Cheltenham

 

Due to the sensitive nature of this role, you may be required to undergo DV (Developed Vetting) level Security Clearance (https://www.gov.uk/government/publications/united-kingdom-security-vetting-clearance-levels/national-security-vetting-clearance-levels). An allowance of £5k per annum may be payable monthly while you hold this DV and continue to work in a role that requires that level of security clearance. The terms of this allowance will be made available if you are successful in being recruited into this role.

KZA268

Security isn’t always the first thing that comes to mind when you think of BT, but when it comes to keeping everyone safely connected, We Are The Protectors. We deal with thousands of cyber-attacks every day, so that millions of people can safely go about their daily lives and run their businesses.   We deliver vital work at scale, with real breadth and impact. We connect for good.

 

You'll be joining a specialist security team that is a trusted partner to governments worldwide, protecting critical national infrastructure and committed to the safety and security of our nation and global communities. Our mission focused work is innovative, inspiring and technologically challenging in a way that makes every day different and stimulating. We provide the opportunity to work on rare projects, with exciting tools and brilliant people. Everyone has access to unparalleled professional and personal development opportunities and your contribution is always valued.

 

Why this job matters:

 

Our purpose is to use the power of communication to make a better world. For each other, for our customers, for society and our communities.

This role is part of the BT Security team, providing end-to-end security for BT and its wider customer base.  It helps BT manage its contractual security obligations and contributes to the protection of brand and reputation.

Key Purposes:

  • Responsible for the protective monitoring of BT systems and networks, specifically security information and event management (SIEM).
  • Supporting BT Operational Security and Service Delivery Teams, to ensure they have up-to-date and effective technical security controls.
  • Investigation and analysis of incidents.
  • Identifying and reporting on threats and vulnerabilities.
  • Delivery of key reporting summarising protective monitoring and technical security control implementations, for the BT Security Compliance and Assurance Manager.

 

What you’ll do: 

  • Operating within a SOC team to utilise SIEM and available data to proactively monitor, identify, analyse, and respond to security threats.
  • Incident detection, reporting, initial analysis/investigation, and incident prioritisation, to support the BT Security Incident Process.
  • Implementation and support of SIEM configuration - dashboards, rules, alerts, correlations, watchlists, reports etc.
  • Utilising other security technologies to enhance detection and identification of threats (Firewall, Anti-Virus, EDR/XDR, IDS/IPS).
  • Implementing and maintaining SOC processes (including Playbooks).
  • Using BT Ticketing System for Incident Management
  • Improving efficiency through false positive reduction
  • Daily/weekly/monthly scheduled & ad-hoc reporting.
  • Identifying and escalating service issues relating to security monitoring toolsets to relevant BT technical teams.
  • Reviewing and assessing the delivery of BT security assurance activities through existing systems e.g. user account management, software version controls and end-point security.
  • Ensuring that BT Security targets are achieved through own area of responsibilities.

 

 

What you'll bring:

 

  •  Maintain a DV level security clearance.
  • Strong skills in using security event and log data to identify security threats.
  • Proficient in the use of SIEM technologies for security analysis and investigation. Including
  • A good working knowledge of the Cyber Threat landscape.
  • A good working knowledge of Incident Management Processes.
  • Using Threat Intelligence to prioritise threats to monitored systems.
  • Understanding and using the MITRE ATT&CK Framework.
  • Working knowledge of end-point security technologies and their management technologies (Anti-virus, EDR, XDR).
  • Working knowledge of Vulnerability Scanning processes, toolsets and reporting.
  • Good understanding of Security Risk Management and associated processes.
  • Good understanding of Industry Security Frameworks – e.g. NIST, ISO27001, CIS
  • Recognised Industry Security Qualifications, e.g. Blue Team Level 1, CISSP, CompTIA Security+, ISO27001 Implementation and audit.
  • Excellent communication skills and report writing
  • Good stakeholder management skills.
  • Core competencies - Self-managing, well organised, calm under pressure, excellent negotiation skills.

 

Diversity and Inclusion:

 

Diversity makes sense for us, for our customers and for our future. We value different perspectives, skills, and experiences, and encourage applications from all sections of the community. Our ambition focuses on recruiting and retaining people who are under-represented in our workforce, including those from ethnic minority groups, disabled and neurodiverse people and women. However, diversity does not end there and anyone with different backgrounds, gender identities, sexual orientations, ethnicities, ages or stages of life, disabilities and those from low socio-economic backgrounds are welcomed and encouraged to apply. Find out more about BT’s D&I manifesto by searching on our website.

 

Studies have shown that some people are less likely to apply to jobs unless they meet every single qualification and criterion. So, if you're excited about this role but your past experience doesn't align perfectly with every requirement, don’t worry – we’d still love you to apply!

 

What's in it for you:

 

  • Discounted BT Broadband, TV & mobile packages and BT products
  • On target Bonus
  • 10% pension contribution
  • Professional development and paid for industry certifications/qualifications
  • Flexible benefits/rewards including dental insurance, healthcare, gym memberships etc.
  • Well-being support for you and your family
  • 3 days paid volunteering a year
  • Flexible and smart working (subject to business needs)

 

Why this job matters

The Cyber Security Consultancy Professional supports a range of information security, data protection, governance, risk and compliance activities including client assurance, policy compliance, vulnerability management, risk assessments and incident response.

What you’ll be doing

1. Supports the development and implementation of the Cyber Security strategy, developing and maintaining a current road map including new features and subservices required to meet commercial demand as well as changes to the security landscape, the sector and technologies.
2. Participates in the deployment, integration and configuration of new security solutions and enhancements to existing security solutions in accordance with standard best operating procedures.
3. Participates in resiliency exercises including threat modeling and security assessments, determining security requirements and specifications, and developing security solutions to satisfy design requirements.
4. Supports the implementation of information and cyber security controls and change initiatives across BT Group.
5. Supports the reporting of the status of risk exposure and control maturity against the relevant policies and standards.
6. Supports the analysis for the development of the Business Continuity Management Programme and Disaster Recovery Plan.
7. Supports the implementation of ways to improve working processes within cyber security.

The skills you’ll need

  • Compliance Monitoring and Controls Testing
  • Information Security Strategy
  • Security Governance
  • Stakeholder Management
  • Security Assessment
  • Solution Design
  • Data Analysis
  • Vulnerability Management
  • Agile Methodologies
  • Customer Relationship Management
  • Cyber Resilience
  • Requirements Management
  • Policy Design
  • Security Evaluation and Functionality Testing
  • Decision Making
  • Growth Mindset
  • Inclusive Leadership
  • Incident Management

Our leadership standards

Looking in:
Leading inclusively and Safely
I inspire and build trust through self-awareness, honesty and integrity.
Owning outcomes
I take the right decisions that benefit the broader organisation.

Looking out:
Delivering for the customer
I execute brilliantly on clear priorities that add value to our customers and the wider business.
Commercially savvy
I demonstrate strong commercial focus, bringing an external perspective to decision-making.

Looking to the future:
Growth mindset
I experiment and identify opportunities for growth for both myself and the organisation.
Building for the future
I build diverse future-ready teams where all individuals can be at their best.


Tags: Agile Blue team CISSP Clearance Compliance CompTIA CSOC EDR Firewalls Governance IDS Incident response IPS ISO 27001 MITRE ATT&CK Monitoring NIST Risk assessment Risk management Security analysis Security assessment Security Clearance Security strategy SIEM SOC Strategy Threat intelligence Vulnerabilities Vulnerability management XDR

Perks/benefits: Career development Flex hours Team events

Region: Europe
Country: United Kingdom