Job Information
BT Cyber SOC Critical National Infrastructure Specialist in Birmingham, United Kingdom
Cyber SOC Critical National Infrastructure Specialist
Job Req ID: 35632
Posting Date: 3 Jul 2024
Function: Cyber Security
Unit: Networks
Location:
Snowhill, Birmingham, United Kingdom
Salary: Competitive with Great Benefits
Why this job matters
As BT Group is one of the most critical of all UK Critical National Infrastructure defending against cyber-attacks is our highest priority, the service availability is pivotal for the UK and Global connectivity. Growing on a daily basis we see more sophisticated threat actors (often nation states) developing their tactics to new heights and targeting our industry, the CNI team will be a key part within our elite Cyber Operations team to keep BT Group and the UK critical networks safe.
BT Group’s Cyber Operations and Intelligence leverage threat intelligence, predictive analytics, automation and proactive lessons learned through exercising, to ensure BT Group is equipped to meet the continually evolving threat landscape in an agile, ambitious, proactive and financially astute manner.
The dedicated Critical National Infrastructure team will be responsible for defining and triaging intelligence from BT Groups range of sources and partners, and determining the potential risk and impact to the CNI BT manages. With the threat-led strategy the cyber security specialists will conduct a range of proactive threat hunting activities and reactive monitoring of security tooling to investigate signs of potential malicious activities and carry out any remediation actions required to ensure the infrastructure remains secure and online.
The CNI team will be using the already established ways of working within Protect BT group for Cyber Ops including incident response, incident management, threat intelligence, and threat hunting, but will be specialised in the BT Network infrastructure domains defining the operational service wrap for; remaining 3G, 4G/ 5G mobile infra, Fixed networks, cell towers and other aspects of our core network.
Working along side our partners within NCSC and other Telecommunications providers we will be developing our Strategic and Operational collaboration working groups to best use BT’s ringside seat to establish targeted bilateral intelligence-sharing relationships with similarly capable Global peers.
This role follows hybrid working & can be based in any of the following locations: Birmingham, Bristol, Ipswich, London, Manchester
Please note this role requires you to be eligible for SC Clearance due to the role's nature
What you’ll be doing
Responsible for ensuring BT is defended against threat attack vectors, actors and their tactics, techniques and procedures (TTPs).
Actioning intelligence by either proactive threat hunts, or actions withing security tooling.
Responsible for actioning reactive security alerts/incidents following the incident response plan, sot ensure containment, remediation, and review.
To deliver rapid comprehensive and evidentially sound cyber security investigations
Responsible for working across PBT to effectively manage cyber security issues and incidents
Ensures the effectiveness of the Cyber operation to minimise the impact of cyber incidents to BT and customers.
Contributing towards collaboration with partnerships with internal and external working groups (NCSC/ Global System for Mobile Communications Association G (GSMA)
To contribute towards the threat detections creation analytic tuning and governance.
Responsible for proportionate decision making and thorough documentation of actions completed on investigations, actions undertaken and decisions made on the appropriate case management system.
Support and maintain the ISO27001 certificate for Protect BT that is in scope of the BT Business Support certificate LRQ0962885.
Contribute to continual improvement of BT's capability to operationally exploit tools and data to better Protect BT, its business and reputation.
Contribute to Cyber Security SOC Area to ensure that the PBT Cyber Operations is effective, agile and responsive and that people, processes and technology are enabled to go beyond limits.
Deputises for Area Manager where required
Skills Required for the Role
Calm & Decisive under pressure: effective at driving calm and effective response to cyber security issues
Communication, Visual & Written skills: Very strong communication, visual & written skills.
Technical Excellence: Industry leading technical expertise and knowledge of Mitre ATT&CK Mobile Framework TTP’s and MoTIF
Experience in threat hunting using security tooling for creating MITRE mapped detections.
Analytical/investigation skills revieing large data sets for anomalies and carrying out investigations to completion.
Security tooling using vendors such as Crowdstrike/Elastic/ Trellix or others
Previous experience dealing with mobile/fixed networks and understanding of importance within a network. (4G, 5G, Signalling, SS7, BGP)
Understanding of threat actors or threat vectors that may be targeting CNI
Influencing skills: Ability to persuade, influence and motivate others, with the right sense of urgency, without having formal authority.
Building External Relationships: partner relationships with other SOCs (peers, customers and vendors) and National Cyber Security Centre operations.
Familiarisation with legal frameworks and relevant BT policies governing specialist cyber investigation techniques and evidential standards, understanding how to seek appropriate advice.
Security Clearance: DV preferred – ability to obtain and maintain SC essential
Experience Required for the Role
Practical knowledge and experience of day to day Cyber security operations.
Excellent technical credentials, able to play a leading part in technically capable high performing and motivated teams.
Experienced in handling Cyber security threats and incidents.
Fully conversant with MITRE ATT&CK/Mobile and its utilisation for SOC and Cyber security.
Typically qualified to degree level, or equivalent professional experience.
Member of a professional body and/or with industry recognised qualifications e.g. BCS, CISSP, CISM IET etc.
Benefits
At BT, we entertain, educate, and empower millions of people every single day. We’re a brand built on connecting people – whether that’s friends, family, businesses, or communities. Working here, you’ll receive an attractive salary and a range of competitive benefits, but – more than that – you’ll be joining an ambitious organisation with a culture of togetherness, collaboration, and inclusivity, that takes a genuine and proactive interest in your progress and development.
Competitive salary
10% on target bonus
BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%
25 days annual leave (not including bank holidays), increasing with service
Huge range of flexible benefits including cycle to work, healthcare, season ticket loan
World-class training and development opportunities
Option to join BT Shares Saving schemes.
Discounted broadband, mobile and TV packages
Access to 100’s of retail discounts including the BT shop
About us
BT is part of BT Group, along with EE, Openreach, and Plusnet.
Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding.
We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development.
This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.
A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
DON'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.