Job Description:To work with internal IT and Network teams, security architects, and platform owners from BT’s different Lines of Business to map and understand the security challenges they face around the management of privileged identities, human or machine, in their specific areas. To design and deliver security solutions utilizing existing capabilities and/or expanding what currently exists, to address their requirements and keep BT’s systems and information secure
What I'll be doing – your accountabilities?
Undertake detailed technical feasibility studies in the wider Privileged Identity Management (PIM) security domain.
Liaise with stakeholders, understand and analyze their PIM-related security requirements and produce security solution designs which address the customer requirements and cover all the related technology, process and people aspects.
Ensure the proposed security solutions: a) comply with BT's various Security and Compliance Frameworks b) align with BT’s strategic security architecture and principles c) re-use/expand where necessary BT's existing security platforms and capabilities and d) they can be supported and maintained in Life, making full use of automation and zero-touch processes, minimizing in Life IT maintenance costs.
Led the implementation of end-to-end security solutions, working with matrixed teams including PAM Engineers and Operations teams, Network Designers and teams, Architects, and Programme/Project managers.
Finally, you will provide technical leadership and consultancy within your area of expertise to complex technical and architectural initiatives in the wider Identity and Access management security domain.
Capabilities/Skills required for the job
Product and service knowledge - You demonstrate subject matter expertise in complex, technical infrastructure, products and services. You develop bespoke solutions to meet short, medium and long-term customer needs.
Technology design - You partner with the business to understand and analyse user requirements and inform the architecture design for software, systems and networks.
Be agile - You identify opportunities to use collaborative approaches and continuous improvement. You contribute to projects as a subject matter expert or content owner.
Specific Technical Subject Matter Expertise in the following areas
Solid knowledge and understanding of key security concepts and related security technologies in the wider Identity and Access Management technology domain (indicative: Privileged Access Management, Secrets Mgt, Authentication Technologies (Modern Auth/Azure AD, Network Auth technologies (Radius, TACACS+), IGA and RBAC)
Good IT and Networking knowledge and experience (preferably in the areas of Windows/Unix administration, DBA knowledge, IP Networking)
Good understanding of access control mechanisms for Operating systems and Databases and other potential targets or endpoints for a typical PAM solution
Experience with AWS, GCP or Azure a plus
Security certifications preferable (e.g. CISSP, CISM, CISA, etc) but not essential
Connected Behaviours
- Solution focussed achiever - You deliver and coordinate activities and respond positively to challenges.
- Collaborative partner - You develop great working relationships with stakeholders, sharing knowledge and collaborating.
- Change agent - You support change initiatives locally, adapting quickly and delivering change effectively.
Experience you would be expected to have
Handled at least 2 projects as technical lead role involving key activities such as architecture, detailed design, implementation, integrations of various infrastructure platforms for security/IAM use cases
Excellent communication skills. Able to facilitate technical workshops, and clearly communicate ideas and solutions through various means (written, presentation and in person). Able to explain complex technical and architectural issues to a business audience
Confident approach, delivering with minimal supervision/guidance. Good stakeholder management skills
Made decisions in ambiguous situations using incomplete information or differing opinions (e.g. unclear deliverables, conflicting requirements, challenging stakeholders).
Aligned project plans and objectives with company strategy and values
What you'll get
- Competitive salary
- 25 days annual leave (plus bank holidays)
- 10% on target bonus
- Life Assurance
- Pension scheme if you pay in 5% BT will pay in an additional 10%
- Option to join the Healthcare Cash Plan or other benefits such as dental insurance, gym memberships etc.
- 50% off EE mobile pay monthly or SIM only plans
- Exclusive colleague discounts on our latest and greatest BT broadband packages
- BT TV, including TNT Sport and the NOW Entertainment membership, and 25% off NOW Sport, Cinema and Kids
- 30% discount for friends and family on EE mobile pay monthly and SIM only plans
Why this job matters
The Cyber Security Consultancy Specialist executes a range of workstreams in delivering information security, data protection, governance, risk and compliance activities including client assurance, policy compliance, vulnerability management, risk assessments and incident response.
What you’ll be doing
1. Executes the implementation of the Cyber Security strategy, developing and maintaining a current road map including new features and subservices required to meet commercial demand as well as changes to the security landscape, the sector and technologies.
2. Implements the deployment, integration and configuration of new security solutions and enhancements to existing security solutions in accordance with standard best operating procedures.
3. Runs resiliency exercises including threat modeling and security assessments, determining security requirements and specifications, and developing security solutions to satisfy design requirements.
4. Provides information and cyber security advice and guidance to key stakeholders across the BT Group.
5. Manages the implementation of information and cyber security controls and change initiatives across BT Group.
6. Reports the status of risk exposure and control maturity against the relevant policies and standards.
7. Runs analysis to the development of the Business Continuity Management Programme and Disaster Recovery Plan.
8. Utilises best practice knowledge to detect, identify and respond to cyber events, threats, security risks and vulnerabilities.
9. Follows product compliance with applicable security standards, group policies and industry best practices.
10. Mentors other cyber security professionals, helping to improve the team's abilities by acting as a technical resource.
11. Champions, continuously develops and shares with team knowledge on emerging trends and changes in cyber security.
The skills you’ll need
Compliance Monitoring and Controls Testing
Information Security Strategy
Incident Investigation and Response
Stakeholder Management
Security Assessment
Solution Design
Data Analysis
Vulnerability Management
Information Security
Agile Methodologies
DevSecOps
Customer Relationship Management
Cyber Resilience
Requirements Management
Security Evaluation and Functionality Testing
Our leadership standards
Looking in:
Leading inclusively
I inspire and build trust through self-awareness, honesty and integrity.
Owning outcomes
I take the right decisions that benefit the broader organisation.
Looking out:
Delivering for the customer
I execute brilliantly on clear priorities that add value to our customers and the wider business.
Commercially savvy
I demonstrate strong commercial focus, bringing an external perspective to decision-making.
Looking to the future:
Growth mindset
I experiment and identify opportunities for growth for both myself and the organisation.
Building for the future
I build diverse future-ready teams where all individuals can be at their best.
