Cyber Investigation Specialist

Why this job matters

BT Group is one of the most critical of all UK Critical National Infrastructure. 
Our job is simple - defend it from Cyber Attack. 
Your role at BT is pivotal in helping us achieve this. You will have access to an unparalleled level of data and security tooling to help us achieve our goal of being the world’s most trusted connector of people, devices and machine by 2030.  Your role as a Cyber Investigation Specialist will involve conducting of a wide range of cybercrime related investigations including evidence gathering, data analysis, conducting witness and subject interviews, report writing, and case management. This includes reactively responding to global security incidents considered relevant and appropriate for further investigation, and pro-actively identifying intelligence development opportunities. 

​

This role is hybrid (3 days in office) & can be based in either Bristol or Manchester

What you’ll be doing

• Assessing risk and evidence on a wide range of security incidents and establishing the most suitable course of action, devising and implementing investigative strategies to prevent, deter and minimise harmful impact to BT.
  
• Accountable for proportionate decisions on investigations including reporting based on risk, cost and resourcing during investigations, security incidents and other relevant situations. 
  
• Production of investigation reports during and following enquiries; detailing actions taken, identifying areas of weakness and recommendation of further appropriate action e.g. prosecution, discipline, further enquiry, business improvements, audit etc.
  
• Obtaining and analysing data from a wide variety of sources
  
• Managing senior stakeholders and associated updates in an informative, concise and detailed format verbally and written
  
• Taking and production of witness statements, with professional presentation of evidence, including digital evidence derived from BT systems, network and host forensics.
  
• Thorough documentation of the investigation to support your attendance at court as a professional witness when required to do so.
  
• The nature of the role requires establishment and maintenance of good working relationships with internal and external customers and Law Enforcement Agencies. 
  
• Expert knowledge of legislation and investigative best practice specifically relating cybercrime and fraud. The role holder will conduct all such enquiries following the principles and in accordance with current legislation (e.g. RIPA, IPA, DPA/GDPR, CPIA and ACAS codes of practice) as well as BT internal policy.

Skills Required for the Role

• Influencing skills: Ability to persuade, influence and motivate others, with the right sense of urgency, without having formal authority.
• Communication, Visual & Written skills: Very strong communication, visual & written skills.
• Calm & Decisive under pressure: effective at driving calm and effective response to security issues
• Building External Relationships: partner relationships with industry groups and Law Enforcement Agencies.
• Investigation Management: Able to plan and conduct methodical investigations into a range of security matters.
• Investigative Interviewing: Trained to conduct investigative interviews using the PEACE model or similar.

Experience Required for the Role

Must Have

• Proven experience in Investigations and Investigation Management, including developing an investigation strategy, planning and conducting interviews, case preparation and evidence presentation.
• Experience of conducting investigations within either a corporate, law enforcement or similar environment. 
• Demonstrable experience of operational delivery in a fast-paced environment

Nice to Have

• Experience of investigating incidents of cyber and/or cyber-enabled crime, utilising digital evidence. 
• Operational OSINT / SOCMINT and Dark Web experience
• Understanding of current cyber threats that may affect the BT Group, as well as our corporate, business and residential customers. 
• Familiar with Digital Forensics and ACPO principles for Digital Evidence. 
• Experience using i2 or similar visualisation analytics tooling
• Holds current relevant professional qualifications in Investigations (PIP, CFE, APCIP), Cyber Intelligence (GCTI, CTIA, CRTIA) and/or Cyber Security (Security+, CISM, CISSP). 
• Experience with commercial CTI tooling and platforms

Benefits

• On target 10% on target bonus​
• BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%​
• From January 2025, equal family leave:  receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It’s for all parents, no matter how your family is made up.​
• Enhanced women’s health support: including help with menopause symptoms, cancer screenings, period care and more.​
• 25 days annual leave (not including bank holidays), increasing with service​
• 24/7 private virtual GP appointments for UK colleagues​
• 2 weeks carer’s leave ​
• World-class training and development opportunities​
• Option to join BT Shares Saving schemes.