**Technical Support Specialist (Protective Monitoring Cyber Security)**
**Belfast or Hatfield**
Our purpose is to use the power of communications to make a better world. For each other, for our customers, for society and our communities. We need you to help us do this.
**Why this role matters**
To provide monitoring to HMG GPG13 and BT security standards for the BT Secure Management Platform (SSP), the PSN FS and customers who buy into HMG protective monitoring and are connected to the SSP Management Platform, and to deliver the SOC's protective monitoring capability and the processes that provide guidance and compliance around the use of the tool(s).
The team supplies Splunk application support and provides Crypto device support for particular HMG contracts and platforms.
Contribute, by way of on call, to the out-of-hours support of Splunk Enterprise on an ASG rota call-out.
Our team provides Protective Monitoring services, using the Splunk application as the SIEM. Using Splunk as a SIEM means it is highly customisable and reusable across contracts. We can also carry out efficient investigations, as all the logs are stored in a common place, enabling fast filtering and drill-down.
We pre-configure alerts and monitor logs to satisfy industry standards and key Information Security Management markers and processes. These alerts can be re-used for multiple contracts. We can display and monitor in one place and generate reports to demonstrate successful monitoring.
We also use the SIEM to refine networks by finding unknown problems within firewall, server and device logs, which improves efficiency and reduces costs to the business.
We have around 1.2 million customers and serve over half the FTSE 350. Our customers range from big household names, government departments and public service organisations right through to small businesses and new start-ups. We cover both the communications and IT services markets. Overall we're focused on four main product markets: Fixed Voice; Mobility; Fibre and connectivity; networked IT services provided over the biggest UK network in both fixed and mobile communications. We also provide network IT services to corporate and public sector organisations in the Republic of Ireland.
Our Wholesale business helps communications providers (CPs) and other organisations provide fixed or mobile phone services. Our ventures provide mass-market services like directory enquiries and payphones, and enterprise services including Fleet Solutions and BT Redcare. We also offer specialist enterprise services to our Internet of Things customers.
**What you'll be doing**
Embrace Service Excellence by demonstrating a thorough understanding and use of:
+ Service - Continually monitor and report performance through service metrics across area of responsibility.
+ Transformation - Responsible for implementing Continuous Service Improvement across area of responsibility.
+ Provide input to Operational Service Delivery, including technical/specialist input to support:
+ Proactive risk management - identify issues and take personal action to mitigate or highlight the risk
+ Reactive incident management - act with a sense of urgency to minimise business impact
+ Ability to prioritise effort and make decisions based on business impact
+ Ability to engage and communicate clearly in order to motivate and inspire people to deliver
+ 2nd line support for Security Information and Event Management (SIEM) development and monitoring via Splunk.
+ Development of Incident detection, reporting and analysis resources in the form of use cases.
+ Creation of documentation processes and framework to support the SIEM monitoring capability.
+ Tune SIEM (Splunk) rules, correlation and dashboards to reduce false positives.
+ Management, creation and maintenance of SIEM (Splunk) dashboards.
+ Understand GM business unit strategy and their role to enable day to day prioritisation of effort - set the context
+ Responsible for building the necessary professional standards & capability personally and within functional area (professional standards; people management; business management; leadership)
+ Responsible for effective Stakeholder Management including direct customer contact where appropriate
+ Provide call out support to maintain indexing of data and maintain SIEM stability.
**We'll also need to see these on your CV**
+ Security clearance SC - or work towards.
+ A will to learn and a creative mind. Some computer programming or work with Excel spreadsheets would be useful, though not essential.
+ Broad Linux and UNIX knowledge.
+ Admin-level Splunk knowledge to install, maintain and configure.
+ An understanding of server capacity issues and how to resolve them.
+ Ability to take data captures and interpret them, such as tcpdump output.
+ Understanding of the IPS/IDS tuning cycle would be useful.
+ Continuous improvement techniques.
+ Detecting and recognising that there is a problem; identifying the nature of the problem; defining the problem, associated with logical and physical security, and including processes and risks.
+ Define the problem management approach and manage the life cycle of problems assigned.
+ Experience working with Splunk would be useful.
**Why choose us?**
At BT, we entertain, educate and empower millions of people every single day. We're a brand built on connecting people - whether that's friends, family, businesses or communities. Working here, you'll receive an attractive salary and a range of competitive benefits, but - more than that - you'll be joining an ambitious organisation with a culture of togetherness, collaboration and inclusivity, that takes a genuine and proactive interest in your progress and development. Benefits of working for BT include:
+ Competitive salary and on-target bonus plan
+ World-class training and development opportunities
+ 25 days' annual leave (not including bank holidays)
+ Discounted broadband, mobile and TV packages
+ Car allowance (dependent on your role)
+ Share option and pension scheme programmes
+ Flexible benefits to fit around you
We value different perspectives, skills and experiences. We're creating an inclusive working culture where people from all backgrounds can succeed. That's why we welcome applications from all parts of the community.
**Job:** _Security System_
**Title:** _Technical Support Specialist (Protective Monitoring Cyber Security)_