Security isn’t always the first thing that comes to mind when you think of BT, but when it comes to keeping everyone safely connected, We Are The Protectors. We deal with thousands of cyber-attacks every day, so that millions of people can safely go about their daily lives and run their businesses. We deliver vital work at scale, with real breadth and impact. We connect for good.
This is an opportunity to play your part and protect our company, our customers and our communities from cyberattack. Be part of a dedicated team and get ready to be challenged every day to make the most of your skills and experience. You’ll learn from those around you, and from outstanding training and development resources to become even better at what you do. With the best technology at your fingertips, you'll be part of a friendly and adaptable working environment where your contribution is always valued.
- **Knowledge needed**
- Computer systems
- Basic malware knowledge
- MITRE ATT&CK.;
- websites, apps and tools used in companies.
- Basic Security System knowledge
- Medium-high level of written and spoken English
- **Minimum requirements**
Minimum of 1 years of experience in cybersecurity center (SOC) or equivalent handling security Incidents and Investigations.
Basic knowledge of security systems, networking, and internet protocols, (Firewall, proxy, ids/ips, vpn )
Demonstrated knowledge in blue team activities.
Demonstrated knowledge in tools & technologies like:
- SIEM systems (Qradar, Splunk, MS Sentinel, LogRhythm )
- EDR solutions (CrowdStrike, MS Defender, Trendmicro )
- Phishing Analysis
Knowledge of SOAR and Ticketing tools (Xsoar, Chronicle, Service Now, Jira, Remedy )
**Other valuable capabilities**:
- Analysis capacity
- Resolute person
- Quick response to incidents
- Teamwork
- Continuous learning ability
- **Valuable requirements**
- CompTIA Security +
. CompTIA CySA+
- Other cybersecurity courses/certs
- Participation in CTFs & CONs
- ITIL knowledge
**Description**
BT is one of the world's leading communications services companies which provides communications services solutions, serving customers in more than 180 countries. The services we sell are integral to modern life. Our purpose is as simple as it is ambitious: to use the power of communications to make a better world.
Join our Cybersecurity team as a cybersecurity analyst.
We offer:
- A place to work comfortably as a team.
- Initial and continuous training to keep up to date in the world of cybersecurity.
- A company and area in growth and continuous renewal
- Job security
**Responsibilities for the role**:
This role is based in Blue Team activities:
- Manage Complete Security Incidents Process for Detection, Analysis, Response and Remediation.
- Monitoring and set the correspondence category of every Incident Security identifying True Positives and False Positives based in correspondent Use Cases in production.
**Manage all the incident phases**:
- Initial event investigation
- Basic triage activities
- Interaction and communication with customer in all the investigation steps through ticketing systems.
- Responsible for compliance with the SLAs defined by every client.
- Follow all the processes and internal documentation available to ensure the quality parameters defined.
Initiative proactive and anticipation to report improvements or lack process detected.
Must be ensure progressively skills and dynamism to manage the systems and tools demanded