Cyber Security Professional, Spain Operations
BT Group
From Ultra Fast Full Fibre broadband to TV & Mobile, BT helps UK families, communities & companies reach their potential.
Security isn’t always the first thing that comes to mind when you think of BT, but when it comes to keeping everyone safely connected, We Are The Protectors. We deal with thousands of cyber-attacks every day, so that millions of people can safely go about their daily lives and run their businesses. We deliver vital work at scale, with real breadth and impact. We connect for good.
This is an opportunity to play your part and protect our company, our customers and our communities from cyberattack. Be part of a dedicated team and get ready to be challenged every day to make the most of your skills and experience. You’ll learn from those around you, and from outstanding training and development resources to become even better at what you do. With the best technology at your fingertips, you'll be part of a friendly and flexible working environment where your contribution is always valued.
Purpose Of Role:
-The role holder will be responsible for supporting customers and the Cyber Security Professional Security Analysts of Operational Security, to maintain the quality of the 24x7x365 in-life service delivered by the commercial Cyber Security Operations Centre capability against specific customers’ contractual SLAs, underpinned by specific KPIs.
-These team members will perform their responsibilities during business hours and on call outside business hours (24x7x365), as demanded by Security Incident escalations and scheduled Complex Changes and/or Special-Critical Interventions.
-These team members will proactively monitor the skill level of the Cyber Security Professional Security Analysts of Operational Security and define internal upskilling action plans to ensure the required level of 24x7x365 in-life service delivery from the commercial Cyber Security Operations Centre capability against specific customers’ contractual SLAs, underpinned by specific KPIs.
-These team members will work with the existing Security Systems technologies and other core network security products.
-These team members will be assigned as principal and/or secondary responsible person for the existing Security Systems technologies for specific contractual customers in 24x7x365 in-life delivery from the commercial Cyber Security Operations Centre.
-These team members will be assigned as principal and/or secondary responsible person for specific contractual customers in 24x7x365 in-life delivery from the commercial Cyber Security Operations Centre, to support activities and tasks coming from the Cyber Security Professional Security Analysts.
-These team members will represent and assume security technology responsibilities based on activities and/or tasks arising from teamwork with other CySOC team members, such as SSOMs and/or the CySOC Coordination Team, as assigned principal and/or secondary responsible person for specific contractual customers in 24x7x365 in-life delivery from the commercial Cyber Security Operations Centre.
-These team members must have complete awareness of, and apply, BT Compliance Policies and CySOC Policies, which are more rigorous in terms of the BT Policies’ definitions of Confidential and Highly Confidential.
-These team members will maintain relationships with people at an operational level, always in line with the BT code: support, respect and appreciate each other.
The general scope of the role covers the following aspects of the CySOC:
* These team members will always think in terms of prevention and prediction to protect customers’/organizations’ business from threats, breaches, vulnerabilities, threat actors, etc., so that the Cyber Security Operations Centre acts proactively most of the time and reactively the least of the time.
* These team members will manage prevention and prediction to protect customers/organizations, based on deterministic and non-deterministic options for detecting threats, breaches, vulnerabilities, threat actors, etc.
* These team members will be proactively accountable to the Team Leader and CySOC Manager for all assigned responsibilities.
* From their security technical support position, they must go a step further in transferring knowledge, skills and experience, ensuring that recipients grasp the key concepts through teaching and/or coaching.
* From their position and perspective, they will give stakeholders a clear vision and understanding of the security landscape of the infrastructure and security systems involved in order to Remediate and/or Mitigate and/or Contain for contractual customers in 24x7x365 in-life delivery from the commercial Cyber Security Operations Centre.
* Will be a behavioural reference model in terms of assuming responsibility, taking decisions and seeking continuous improvement in ways of working.
* Supports the delivery, implementation and operational end-to-end delivery of a subset of an IT security service and of a subset of the IT Security strategy, policy, procedures, processes, systems, threat identification & response that provide security services and solutions for or on security systems and infrastructure.
* Will be a security technical reference model, providing senior-level skills as demanded by the stakeholders identified with the commercial Cyber Security Operations Centre.
* Will create and maintain technical procedure definitions and technical documentation based on RunBooks, stored in the defined standard sites.
* Will monitor that technical documentation is adequate to provide the level of quality and support required by the current needs of contractual in-life delivery customers.
* Will provide proactive/reactive security technical support to the Cyber Security Professional Security Analysts of Operational Security.
* Will be involved in the technical escalation process based on the matrix defined for each process: Security Incident and Change Management.
Key Responsibilities:
* Provide a clear view of support activities for the infrastructure and security systems involved in order to Remediate and/or Mitigate and/or Contain across customers’ security perimeter architecture landscape, so that the right configurations are applied in the security systems and devices and the full set of Response actions is guaranteed.
* Deterministic approach to Detection, Response and Remediation: align the customers’ Security Incident detection configurations to be applied in IT Security Systems technologies with the MITRE ATT&CK framework definitions for the corresponding tactics and techniques of attack and defence.
* Responsible for quality, based on OSINT, across the complete Security Incident Management process: Detection, Analysis, Response and Remediation activities.
* Provide an audit methodology based on OSINT to guarantee correct application, within the Change Management process, of the corresponding policies/rules/configuration applied as Response actions to Mitigate and/or Contain.
* Responsible for quality across the complete Change Management process: Simple Change Requests, Complex Changes and/or Special-Critical Interventions on perimeter security devices (firewalls, proxies, WAF, etc.) within the Remediation activities of the security process.
* Responsible for quality in the complete vulnerability detection and analysis process.
* Technically responsible for Complex Change Requests and/or Special-Critical Interventions, ensuring the required providers are involved when needed.
* Manage the complete Security Incident process for Detection, Analysis, Response and Remediation.
* For P1 and P2 Security Incidents and Major Global Security Incidents, will apply immediate escalation as defined in the Security Incident process.
* Will report and manage escalations to providers and/or vendors where required.
* As part of involvement in the Change Management process, be responsible for ensuring compliance with the SLAs defined for each type of Security Incident per customer.
* Be responsible as technical representative for technical escalations during the escalation process, with accountability held by SSOMs.
Soft Skills:
* Reference model. Behaviour, in aptitude and attitude, will always be a reference model for the Cyber Security Professional Security Analysts of Operational Security and for customers.
* Customer focus. Ability to meet the customers’ needs in line with the business requirements.
* Result-orientation. Focusing on the objectives and the required outcomes of the processes while delivering a service.
* Teamwork. Working with a cooperative and positive attitude in a group setting to achieve common goals.
* Communication skills. Communicating effectively and efficiently while adapting to your audience and getting the message through as intended.
* Logical thinking. Ability to comprehend and to oversee various aspects of a problem or a situation.
* Teaching and coaching. Ability to transfer knowledge and experience, going a step further to ensure the recipient grasps the keys to delivering a service that meets the quality measures.
* Taking ownership. Taking the responsibility and taking care of the consequences of making a decision.
* Analytical mindset. Using all data and information available to analyse and understand a situation, with the aim of supporting decisions.
* Attention to detail. Focusing on all aspects and details of a task and delivering your output with a high level of accuracy.
* Leadership skills. Strengths and abilities that help to oversee processes and guide people toward the achievement of goals.
* Problem-solving. Ability to find root causes of problems and to focus on their quick and efficient solution.
* Ability to think out of the box considering collateral environments and understanding roles/responsibilities of collateral stakeholders (customer mainly).
* Language: fluent Spanish and English. Other languages will be recognized as an advantage.
Skills/Experience:
* Minimum 3 years of experience and senior skills level in knowledge of Security management, network and information security, people security and running of one or more services within a Security Operations Centre.
* Minimum 3 years of experience and senior skills level and deep Knowledge:
* Knowledge of the TCP/IP protocol suite, DHCP, DNS, LAN/WAN, and Operating System concepts.
* Network security knowledge, including remote access, DMZ architecture, network monitoring, intrusion detection, and web server security.
* Minimum of 3 years of experience in security operations support, preferably in CySOC teams or equivalent in a CNOC/NOC, handling complex security Change Management processes based on configuring policies and rules within the Response process to Mitigate/Remediate or Contain Security Incidents.
* Senior level technical skills in perimeter security landscape and systems:
* Senior level technical skills in remediation and content systems:
* NAC: Forescout, CISCO ISE.
* WAF: F5, KONA Incapsula
* Vulnerability Systems: Qualys, Tenable.
* Senior level technical skills:
Business Impact:
The responsibilities of these team members have a direct impact on customer satisfaction, which is based on obtaining the level of service contracted and demanded. Their contribution comes from their influence in keeping the customer satisfied with the service delivered, which in turn facilitates the opportunity to renew current contracts or add new contract services.
* Will proactively obtain feedback from customers and/or internal stakeholders, continuously monitoring the quality delivered to the customer beyond KPI results.
* When required for new potential opportunities, will support the security sales team in tasks concerning how operations are provided from a technical perspective.
Qualifications:
* Title of Higher Technician in Network Computer Systems Administration.
* Degree of Higher Technician in Multiplatform Application Development.
* Title of Higher Technician in Web Applications Development.
* Degree of Higher Technician in Telecommunications and Computer Systems.
* Degree of Higher Technician in Electronic Maintenance.
* Specialization Course in Cybersecurity in Information Technology Environments.
-Technical or higher degrees or engineering:
* Computer Engineering and specializations.
* Telecommunication Engineering and specializations
-Additional valuable Certifications:
* CompTIA Security+.
* CEH.
* Cisco CCNA routing & switching or CCNA Security
* CheckPoint CCSE.
* Vulnerability System Certification.
-Recognised technical qualification or accreditation in field of Security Specialism.