SIEM Software Engineering Lead

Job Details

Job title

SIEM Software Engineering Lead

Reports to (job)

SIEM Software Engineer Manager

Team

Security Engineering

Location

Birmingham

Job Dimensions

DevOps with SysOps Software Engineer responsible for designing, implementing and maintaining the CI/CD pipelines, workflows and scaling infrastructure for our production systems in BT Secure Development Networks

Hours

Full time

No. Direct Reports

0

Career Level

D

Why BT Group?

We’ve always been an organization with purpose; we connect for good.   You can trace this back to our beginning as pioneers of the world’s first telecommunications company.  At our heart, we’re a technology company with research and innovation in our bones, and a desire to be personal, simple, and brilliant for our customers - the values we live by. Creating an inclusive working environment where people from all backgrounds can succeed.

Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale, capable of achieving great things.  From supporting emergency services, hospitals, banks and keeping economies around the world online, safe, and secure, to delivering large scale innovative technology infrastructure like the creation of BT Sport. 

Today, in this fast changing, always on, digital world, our purpose remains true. Yet the market conditions, regulation and competition we face are tougher than ever before.  So, if you have the drive, optimism, and resilience to help propel us forward, we’ll offer unrivalled personal development, a wealth of opportunities to learn, experience new things, and pursue new careers.  If that’s you, and what you’re looking for. 

We’d love you to be part of our future.

Why this job matters

The new Network SIEM is essential to BT’s network security, meeting TSA requirements and improving our CAF level. Being the SIEM DevOps with SysOps Software Engineer you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the Security Engineering platform team, leading the implementation of the SIEM Automation strategy and providing guidance and oversight of the SIEM Platform Automation team.
 

What you’ll be doing – your accountabilities

The skills you’ll need to succeed

·        Kubernetes DevOps/SysOps Engineering role managing Kubernetes clusters and container orchestration, automating deployment, scaling, and management of containerized applications. 

·        Implement best practices for Kubernetes configuration and security.

·        Configuration, deployment and maintenance of Elastic Stack on Kubernetes (ECK)[JC1] [PH2] [PH3] 

·        Work with log Collection Tools and Technologies (Beats, Elastic Agent, Logstash), syslog and other data collection protocols 

·        DevOps/SysOps Engineering collaborating with cross-functional teams (development, operations, and QA) to streamline software delivery and automating deployment pipelines using CI/CD tools

·        Troubleshoot issues along the CI/CD pipeline

·        Technical leadership working in a high performing team of engineers delivering state of the art security tools for BT.

·        Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements.

·        Act as product owner, breaking down top level requirements into product backlogs as part of quarterly/sprint planning

·        Lead on several complex technical deliverables ensuring work is completed on time and within budget

·        To continually develop professional cyber skills and awareness, to always remain ahead of our attackers, and develop the skills of others in the unit

·        To own / provide input into development and implementation of operational, processes policies and procedures, including platform and SecOps processes.

·        Proactively drive forward continuous improvement within the team

·        To be/become a recognized expert in at least one Cyber technology

·        Interface with program and project managers to ensure appropriate security architecture engagement as necessary. 

·        Provide effective technology coaching and mentoring both inside and outside the team.

·        Growth mindset and a desire to learn, teach, and improve skills.

·        Previous ownership of mission-critical shared infrastructure

Essential:[JC4] [PH5] 

·        End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions.

·        Experience with containerization technology and orchestration platforms e.g. Docker, Kubernetes[JC6] 

·        Hands-on experience in installing, configuring, operating, and monitoring CI/CD pipeline tools

·        Experience in Python, JavaScript, Golang.

·        Vast working experience on Gitlab CI or GitHub Actions

·        Experience in monitoring tools as Grafana, ELK

·        Experience in Agile software development systems and JIRA Tools.

·        Understanding IT, network services and security

·        Ability to collaborate effectively with others to drive forward key security objectives

·        Strong communication skills including presentation and documentation writing (to both technical and business audiences)

·        An aptitude for autonomous learning as required by the demands of the business

·        Proven problem-solving abilities

·        Assertiveness, and the ability to drive through change

·        Excellent team working skills including the ability to work effectively within a geographically disparate team

Advantageous:

·        SIEM Experience with Elastic Stack (ELK)

·        Knowledge of ArgoCD, Terraform

·        Knowledge CI/CD tools Ansible, Circle CI, Jenkins, Parker, Terraform

·        Knowledge of Offensive testing frameworks

·        Message processing using Kafka, Rabbit MQ

·        Knowledge of Linux, Windows and Network Administration

·        Knowledge and experience of cloud services (public or private), OpenStack and K8S

·        DevOps qualifications

·        Knowledge of Telecoms Security Act (TSA)

·        Knowledge of architectural concepts such as microservices, service mesh.

·        Strong knowledge of security policy/regulatory frameworks

Leadership accountabilities

Experience you’d be expected to have