Cyber Security Ops. Specialist
9th & 10th Flr, Gurugram Info, Gurugram, India
Why this job matters
We build, maintain, develop and improve centralised security management, monitoring and reporting platforms for BT Security SOCs (Security Operations Centres) located globally. The platforms which we manage help our SOC Analysts, Specialists, Implementation Engineers and Designers to deliver the best possible Managed Security Services to our customers.
What you’ll be doing
• Through proactive and reactive management, maintain the availability, integrity and confidentiality of the security platforms that we manage for BT Security.
• Upgrade all management systems as/when required either by BT Security Product Line or due to vulnerability/bug fixes.
• Monitor all management systems 24x7x365 and resolve any issues reported by monitoring systems within customer committed SLAs (Service Level Agreements).
• Deploy new management systems as required by BT Security customers and BT Security Product Line.
• Identify and implement platform improvement work – continuously improving platform and BT Security performance.
• Remediate any platform vulnerabilities reported via penetration testing or vendor security updates.
• Upgrade and patch underlying Operating Systems (Windows, Linux) to maintain the overall security and supportability of the platform.
• Maintain firewall policies to permit access to BT Security managed devices only. All other platform access should be denied by firewall policy. Maintain firewall configuration to deny unauthorised platform access.
• Renew license and support contracts with vendors as/when required by BT Security Product Line and specific platforms.
1. Executes activities around incident response, security monitoring, threat hunting, security analytics and reporting.
2. Collaborates with vendors, consultants, and third-party service providers to ensure that baseline information security configurations are defined for products deployed across all technology platforms.
3. Mentors other security operations professionals, helping to improve the team's abilities by acting as a technical resource.
4. Champions, continuously develops and shares with the team knowledge on emerging trends and changes in security operations.
5. Contributes to crucial relationships across the BT Group, delivering efficient and consistent security operations services through continuous improvement opportunities, creating defense lines that address growing business needs and a rapidly evolving security and threat landscape.
6. Ensures visibility on issues and gaps resulting from the security monitoring activities and wider capabilities to suggest innovative and efficient ways of addressing incident response.
7. Applies analytics to provide insight to other security leaders in order to enhance policies and processes related to risk management, security programme management, and security governance.
8. Executes continuous and rigorous assessment of current security operations processes and technology to craft enhanced strategy, process, and technology recommendations.
9. Empowers collaborations with security engineering and vulnerability teams to ensure security tooling is providing operations functions with appropriate visibility to detect and respond to security events as well as building processes to better inform on indicators of compromise.
10. Manages the development of baseline reporting metrics to effectively measure the health of the security operations domain and provide executive-level reporting of events, incidents, and trends.
11. Maintains security procedures for products, applications, and platforms, and acts as a go-to technical resource for risky or unusual security or compliance matters.
The skills you’ll need
• Check Point Multi Domain Security/Management.
• Palo Alto Networks Panorama configuration and management, XSOAR and Prisma Access.
• Fortinet FortiGate Firewall Configuration.
• Fortinet FortiAnalyzer configuration and management.
• Fortinet FortiManager configuration and management.
• Cisco ASA configuration.
• Cisco ISE (Identity Services Engine) configuration.
• Internet Protocol Version 4. Networking and routeing.
• IT troubleshooting. Network troubleshooting. Firewall troubleshooting.
• VMware virtualisation technologies i.e. vSphere, ESXi.
• Linux Systems Administration.
• Windows Systems Administration.
• Cloud Platforms – AWS, Azure, Google Cloud Platform etc.
• Unix/Linux shell scripting.
• Software Engineering experience – Python, Perl etc.
• Database systems administration – Microsoft SQL Server, MySQL etc.
• Excellent written and verbal communications.
• ITIL (IT Infrastructure Library) – IT Operations experience.
• Ability to learn new technologies without supervision. Self-driven learning.
• Open Source technologies.
• SIEM (Security Information and Event Management) systems.
• Logging systems e.g. Splunk, LogRhythm etc.
Experience you would be expected to have
• MANDATORY - A background in server and application management in a security environment.
• PREFERRED - Extensive experience working in a sensitive commercial environment with demanding SLAs.
• MANDATORY - Knowledge of IP networks and protocols.
• MANDATORY - In-depth practical experience and knowledge of a range of specific vendor products related to the role.
• PREFERRED - Experience in managing and delivery of customer solutions.
Our leadership standards
Looking in:
Leading inclusively and safely
I inspire and build trust through self-awareness, honesty and integrity.
Owning outcomes
I take the right decisions that benefit the broader organisation.
Looking out:
Delivering for the customer
I execute brilliantly on clear priorities that add value to our customers and the wider business.
Commercially savvy
I demonstrate strong commercial focus, bringing an external perspective to decision-making.
Looking to the future:
Growth mindset
I experiment and identify opportunities for growth for both myself and the organisation.
Building for the future
I build diverse future-ready teams where all individuals can be at their best.
About us
BT is part of BT Group, along with EE, Openreach, and Plusnet.
Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning, and the emergency services responding.
We value diversity and celebrate difference. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help and support, learning and development.
This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.
A FEW POINTS TO NOTE:
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us.
DON'T MEET EVERY SINGLE REQUIREMENT?
Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your past experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.