BT is one of the world's leading communications services companies which provides communications services solutions, serving customers in more than 180 countries. The services we sell are integral to modern life. Our purpose is as simple as it is ambitious: to use the power of communications to make a better world. Join our Cybersecurity team as a cybersecurity analyst to be incorporated in our 24/7 service!
Security isn’t always the first thing that comes to mind when you think of BT, but when it comes to keeping everyone safely connected, We Are The Protectors. We deal with thousands of cyber-attacks every day, so that millions of people can safely go about their daily lives and run their businesses. We deliver vital work at scale, with real breadth and impact. We connect for good.
This is an opportunity to play your part and protect our company, our customers and our communities from cyberattack. Be part of a dedicated team and get ready to be challenged every day to make the most of your skills and experience. You’ll learn from those around you, and from outstanding training and development resources to become even better at what you do. With the best technology at your fingertips, you'll be part of a friendly and versátil working environment where your contribution is always valued.
**We offer**:
- A place to work comfortably as a team
- Initial and continuous training to keep up to date in the world of cybersecurity
- A company and area in growth and continuous renewal
- Job security
**Responsibilites for the role**:
This role is based in Blue Team activities;
- Manage Complete Security Incidents Process for Detection, Analysis, Response and Remediation.
- Monitoring and set the correspondence category of every Incident Security identifying True Positives and False Positives based in correspondent Use Cases in production.
Manage all the incident phases;
- Initial event investigation
- Basic triage activities - Interaction and communication with customer in all the investigation steps through ticketing systems
- Responsible for compliance with the SLAs defined by every client
- Follow all the processes and internal documentation available to ensure the quality parameters defined
- Initiative and anticipation to report improvements or lack of processes detected while performing duties (documentation, UC adjustments, etc.)
- Must ensure progressively improvement of skills and dynamism to manage the systems and tools demanded for delivery of services
**Knowledge needed**
- Computer systems
- Basic malware knowledge
- MITRE ATT&CK;
- Websites, apps and tools used in companies
- Basic Security System knowledge
- Medium-high level of written and spoken English
**Minimum requirements**
- Minimum of 1 year's experience in Cybersecurity center (SOC) or equivalent handling security Incidents and Investigations
- Basic knowledge of security systems, networking and internet protocols, (Firewall, Proxy, IDS/IPS, VPN )
- Demonstrated knowledge in blue team activities
- Demonstrated knowledge in tools & technologies like:
- SIEM systems (Qradar, Splunk, MS Sentinel, LogRhythm )
- EDR solutions (CrowdStrike, MS Defender, Trendmicro )
- Phishing Analysis
- Knowledge of SOAR and Ticketing tools (Xsoar, Chronicle, Service Now, Jira, Remedy )
- Other valuable capabilities:
- Analysis capacity
- Resolute person
- Quick response to incidents
- Teamwork
- Continuous learning ability
**Valuable requirements**
- CompTIA Security +
- CompTIA CySA+
- Other cybersecurity courses/certs
- Participation in CTFs & CONs
- ITIL knowledge
**What’s in it for you?**
- Exceptional career progression in the Security sector and other areas of BT
- Smart working policy
- Competitive salary
**A FEW POINTS TO NOTE**:
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.
**DON'T MEET EVERY SINGLE REQUIREMENT?