Threat Analytics Manager

Job Description

Why BT?

We’ve always been an organisation with purpose; to use the power of communications to make a better world. You can trace this back to our beginning as pioneers of the world’s first telecommunications company. At our heart we’re a technology company with research and innovation in our bones and a desire to be personal, simple, and brilliant for our customers - those are the values we live by whilst also creating an inclusive working environment where people from all backgrounds can succeed.

Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe, and secure, to delivering large scale technology infrastructure like the creation of BT Sport.

Today in this fast changing, always on, digital world our purpose remains true. Yet the market conditions, regulation, and competition we face are tougher than ever before. So, if you have the drive, optimism, and resilience to help propel us forward we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things and pursue new careers. If that’s you and what you’re looking for, we’d love you to be part of our future.

Why this Business Unit?

With customers in 180 countries, we're a leading global business communications provider. We have 17,000 people serving multinational companies, proving the services they need to create the digital transformation of their businesses. Thanks to our portfolio strategy, the Cloud of Clouds, we provide high-performance, integrated, and secure network and IT infrastructure services to global customers. It means our customers can connect easily and securely to the applications and data they need, wherever they are in the world. Our Digital G strategy we are moving to will help create a better future for Global and our people. With a business focused on a global customer base and a portfolio of scalable repeatable solutions, supported by outstanding customer service and market-leading security. To deliver it we need to focus where we can be brilliant, be more straightforward to do business with and meet customer needs with greater agility. This will help us to become a more profitable, predictable, and customer-focused business. Security is a key function within Global and contributes 20%+ of Global revenue with a double-digit growth forecast YoY. 2500+ security professionals globally make this one of the key players in the market.

Why this Job Matters

Our purpose is to use the power of communication to make a better world. For each other, for our customers, for society and our communities.

• Security incidents and confidentiality failures carry financial costs and can impact our brand and reputation. Proactively preventing, detecting, and responding to incidents or ensuring confidentiality is maintained allows BT to reduce risk to the business and our customers.
• Understanding the customer, their industry, and specific concerns to facilitate their strategic goals, by leveraging people, process, and technology to deliver the most efficient and effective service possible to the customer
• Responsible for the relevance, effectiveness, and efficiency of the service towards the customer during the service initiation/transition phase and during in life operations and will act as a trusted advisor
• Providing thought leadership in the customer space as well as within BT
• Your role places real value in finding and adapting ways to protect and support our people, customers & communities

What You Will Be Doing – Your Accountabilities

• The TAM is to be the customer advocate for the BT Security products we provide to the customer and assist in the optimisation and integration of those products to meet ongoing customer requirements
• Attend regular meetings with the customer to review the performance of the security service(s) and will assist in the raising of service requests if required. The meetings will be scheduled on a regular basis depending on the level of service model chosen
• Proactively assist the customer to understand and lead value-add support activities, understand the offenses or alerts provided by the security service(s) with guidance on tuning, log source selection and configuration to provide for a continuous improvement cycle
• As part of the systems vulnerability and patching process, the TAM will provide the customer interaction to ensure the systems remain up to date and secure against the latest threats.
• Act as a “CISO-Lite” for our Threat Analytics customers by providing strategic guidance, threat awareness with detection and response planning and development activities

Skills Required for the Job

• Mastery of cyber and security risk controls
• Ability to understand and interpret security architecture and how it achieves the customer’s security goals
• Ability to understand and support the customer’s strategic, tactical, and regulatory security goals
• Risk management experience
• Hunting instinct and problem solving
• Adaptive decision making
• Experience in change management
• Effective Communication, including verbal, report writing & presentations skills
• Ability to lead the technical security analytics conversation
• Ability to carry out security analytics reviews in complex solutions
• Ability to master a range of skills and learnings to support the solutions we offer in line with BTs’ and our customers’ business needs
• Clear communication skills for stakeholder management
• Eagerness to share knowledge and experience with customers and colleagues
• Ability to effectively mentor ambitious colleagues
• Have a resilient attitude towards new challenges
• Be self-motivated and proactive, ambiguity is your friend

Experience You Would be Expected to Have

• Knowledge of security management, service management and/or information security.
• Experience working with the MITRE ATT&CK framework and a proven ability to use the principles across multiple Security domains
• Understanding of data protection principles.
• Relevant experience of change management.
• Project management
• Data protection
• Privacy management
• Incident Response planning
• ISMS Governance
• Security controls management
• Experience with Security SIEM / SOAR applications and platforms (including, but not limited to IBM QRadar, IBM Resilient, XSOAR, Sentinel, Securonix or Splunk ES)
• Collaboration and conflict management
• Risk assessment and management

Connected Leaders Behaviors

We designed our Connected Leaders model to set the standards we want to see, and it builds on our values and focuses on connections. It explains what it takes for us to be Personal, Simple and Brilliant in the way we deal with our customers, our people and our organisation. Whilst all the connected leader values are important, the 3 most important to this role are:

• Customer Champion - You take ownership for brilliant customer experiences and create plans that deliver on customer expectations. You understand the customer's needs and challenges and look for opportunities to create a brilliant customer experience
• Commercial Thinker - You implement breakthrough ideas and propositions that benefit our business, using your understanding of external market forces and internal commercial drivers. You develop and implement ideas, using internal commercial insight and the latest external thinking
• Inspiring Communicator - You create inspiring messages for stakeholders and teams, linking and explaining programmes of activity and work. You create inspiring messages, considering different perspectives and delivering simple communications

Key Decisions

• Identifying and utilizing key elements of Organisation and Industry strategies
• Development of new detection strategies, threat intelligence, and the application of such
• Identification and utilization of new indicators of compromise and how they are related to the MITRE ATT&CK Framework

Don’t Meet Every Single Requirement?

Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch.

Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We're committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you're excited about this role but your experience doesn't align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.