British Telecom, Skelmersdale, Lancashire
Incident Response and Threat Intelligence Professional
Overview
Job Description
Our mission is to break down the barriers of today to release the potential of tomorrow. Join us today and release yours.

Why this role matters

The National Management Centre will provide visibility and control of information risks for Policing. It will support the 24x7x365 nature of the police operations, providing a threat detection and response capability for digital services before, during and after cyber attacks, enabling stakeholders to understand and proactively manage risk across the technology estate at both the national and force level.

* Identification of critical services within forces where loss would negatively impact police operations.
* Awareness of the cyber risks to critical services by continually assessing the threat landscape and informing stakeholders.
* Detecting when, where and how attacks take place.
* Reporting cyber risks to service, executive and operational stakeholders for mitigation decisions.
* Analysing attacks and providing forensics of malware and artefacts to identify solutions to mitigate cyber threats.
* Limiting the impact of known cyber risks by engaging forces in pre-incident planning and preparatory activities.
* Constraining attack surfaces through proactive penetration testing, vulnerability management, and threat hunting.
* Managing incident response, containing the attack and supporting restoration of normal operations.

Please note, this role will be worked on a shift basis (2 days on, 2 nights on, 4 days off). You will receive an additional monthly shift allowance on top of the base salary for working on shifts.

What you'll be doing

* As a member of the Cyber Incident and Threat Response team you will respond to immediate security threats that may impact our client network.
* You will be responsible for responding to both incident and intelligence alerts regarding the cyber risks facing policing.
* Responsible for working in a National Support Team (NST).
* The NMC team's goal is to detect, analyse, investigate and respond to cybersecurity incidents using a combination of cutting-edge technology and a strong set of processes.
* NST staff work across the organisation, typically with cyber threat teams and client liaison officers, to ensure security issues are addressed quickly upon discovery.

National Support Team Responsibilities:

* The first line of response for all reactive Cyber related activity regarding the UK National Police Forces.
* Accountable for initial impact assessment of information, events and intelligence relating to forces, following playbooks and processes in a timely manner.
* Once the impact assessment is complete, responsible for engaging relevant stakeholders, e.g. Shift Lead, Incident Lead or Threat Intel Specialist.
* Responsible for ensuring initial engagement direct with national police forces.
* Must be in tune with situational awareness across national police forces, e.g. Change, Problem, Incident, Network Architecture, Critical Asset lists.

We'll also need to see these on your CV

* Knowledge of various security methodologies and processes.
* Business acumen: Knowledgeable in business strategy and the drivers of organisational performance, including the impact of recommendations you make.
* Knowledge of the current Threat landscape.
* Communication: Excellent ability to translate complex issues to the relevant audience, both verbally and in writing.
* A genuine enthusiasm and drive to work within Cyber Security
* Motivated and ambitious to work on your own initiative without needing direction
* Strong attention to detail
* Ability to multi-task, prioritise, and manage time effectively
* Excellent interpersonal skills and professional demeanour
* Proficient in Microsoft Office Applications
* Experience working in a fast-paced operational environment
* Experience leading a team of operational staff
* Preferred Foundation or Higher Degree in computer science or related subject, or relevant practical and transferable experience
* Preferably completed CompTIA Network and Security or willingness to work towards
* Preferred experience in internal and external stakeholder management and engagement
* The ability to gain and maintain SC and NPPV clearance is required for this role.

Why choose us?

We've always been an organisation with purpose: to use the power of communications to make a better world. You can trace this back to our beginning as pioneers of the world's first telecommunications company. At our heart we're a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers. Those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed. Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe and secure, to delivering large