SIEM Software Engineer Lead
Why this job matters The new Network SIEM is essential to BT’s network security, meeting TSA requirements and improving our CAF level. As the SIEM Software Engineer Lead, you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the SIEM Software Engineering Team, leading the Automation strategy and leading the in-life Automation team. What you’ll be doing Kubernetes DevOps/SysOps Engineering: managing Kubernetes clusters and container orchestration, automating deployment, scaling, and management of containerized applications. Implement best practices for Kubernetes configuration and security. Work with log Collection Tools and Technologies (Beats, Elastic Agent, Logstash), syslog, and other data collection protocols. DevOps/SysOps Engineering: collaborating with cross-functional teams (development, operations, and QA) to streamline software delivery and automate deployment pipelines using CI/CD tools. Troubleshoot issues along the CI/CD pipeline. Technical leadership: working in a high-performing team of engineers delivering state-of-the-art security tools for BT. Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements. Act as product owner, breaking down top-level requirements into product backlogs as part of quarterly/sprint planning. Lead on several complex technical deliverables ensuring work is completed on time and within budget. To continually develop professional cyber skills and awareness to always remain ahead of our attackers, and develop the skills of others in the unit. Provide input into the development and implementation of operational processes, policies, and procedures, including platform and SecOps processes. Proactively drive forward continuous improvement within the team. To be/become a recognized expert in at least one Cyber technology. Interface with program and project managers to ensure appropriate security architecture engagement as necessary. Provide effective technology coaching and mentoring both inside and outside the team. Growth mindset and a desire to learn, teach, and improve skills. Previous ownership of mission-critical shared infrastructure. Skills Required for the Role Essential: Hands-on experience in installing, configuring, operating, and monitoring CI/CD pipeline tools (particularly big data feed ingestion). Experience in Python, JavaScript, Golang. Vast working experience on GitLab CI or GitHub Actions. Experience in monitoring tools like Grafana, ELK. Experience in Agile software development systems and JIRA Tools. Experience with containerization technology and orchestration platforms e.g. Docker, Kubernetes. Understanding IT, network services, and security. Ability to collaborate effectively with others to drive forward key security objectives. Strong communication skills including presentation and documentation writing (to both technical and business audiences). An aptitude for autonomous learning as required by the demands of the business. Proven problem-solving abilities. Assertiveness and the ability to drive through change. Excellent team working skills including the ability to work effectively within a geographically disparate team. Advantageous: SIEM Experience Elastic Stack (ELK). Knowledge of Argo, Terraform. Knowledge CI/CD tools Ansible, Circle CI, Jenkins, Parker, Terraform. Knowledge of Offensive testing frameworks. Message processing using Kafka, Rabbit MQ. Knowledge of Linux, Windows, and Network Administration. Knowledge and experience of cloud services (public or private), OpenStack, and K8S. Knowledge in cybersecurity such as CISSP, CCSP or SABSA. Knowledge of Telecoms Security Act (TSA). Knowledge of architectural concepts such as microservices, service mesh. Strong knowledge of security policy/regulatory frameworks. At least 3-5 years of experience in cybersecurity engineering and delivery. About us BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning and the emergency services responding. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’
BT
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help, support, learning, and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.
#J-18808-Ljbffr
Why this job matters The new Network SIEM is essential to BT’s network security, meeting TSA requirements and improving our CAF level. As the SIEM Software Engineer Lead, you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the SIEM Software Engineering Team, leading the Automation strategy and leading the in-life Automation team. What you’ll be doing Kubernetes DevOps/SysOps Engineering: managing Kubernetes clusters and container orchestration, automating deployment, scaling, and management of containerized applications. Implement best practices for Kubernetes configuration and security. Work with log Collection Tools and Technologies (Beats, Elastic Agent, Logstash), syslog, and other data collection protocols. DevOps/SysOps Engineering: collaborating with cross-functional teams (development, operations, and QA) to streamline software delivery and automate deployment pipelines using CI/CD tools. Troubleshoot issues along the CI/CD pipeline. Technical leadership: working in a high-performing team of engineers delivering state-of-the-art security tools for BT. Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements. Act as product owner, breaking down top-level requirements into product backlogs as part of quarterly/sprint planning. Lead on several complex technical deliverables ensuring work is completed on time and within budget. To continually develop professional cyber skills and awareness to always remain ahead of our attackers, and develop the skills of others in the unit. Provide input into the development and implementation of operational processes, policies, and procedures, including platform and SecOps processes. Proactively drive forward continuous improvement within the team. To be/become a recognized expert in at least one Cyber technology. Interface with program and project managers to ensure appropriate security architecture engagement as necessary. Provide effective technology coaching and mentoring both inside and outside the team. Growth mindset and a desire to learn, teach, and improve skills. Previous ownership of mission-critical shared infrastructure. Skills Required for the Role Essential: Hands-on experience in installing, configuring, operating, and monitoring CI/CD pipeline tools (particularly big data feed ingestion). Experience in Python, JavaScript, Golang. Vast working experience on GitLab CI or GitHub Actions. Experience in monitoring tools like Grafana, ELK. Experience in Agile software development systems and JIRA Tools. Experience with containerization technology and orchestration platforms e.g. Docker, Kubernetes. Understanding IT, network services, and security. Ability to collaborate effectively with others to drive forward key security objectives. Strong communication skills including presentation and documentation writing (to both technical and business audiences). An aptitude for autonomous learning as required by the demands of the business. Proven problem-solving abilities. Assertiveness and the ability to drive through change. Excellent team working skills including the ability to work effectively within a geographically disparate team. Advantageous: SIEM Experience Elastic Stack (ELK). Knowledge of Argo, Terraform. Knowledge CI/CD tools Ansible, Circle CI, Jenkins, Parker, Terraform. Knowledge of Offensive testing frameworks. Message processing using Kafka, Rabbit MQ. Knowledge of Linux, Windows, and Network Administration. Knowledge and experience of cloud services (public or private), OpenStack, and K8S. Knowledge in cybersecurity such as CISSP, CCSP or SABSA. Knowledge of Telecoms Security Act (TSA). Knowledge of architectural concepts such as microservices, service mesh. Strong knowledge of security policy/regulatory frameworks. At least 3-5 years of experience in cybersecurity engineering and delivery. About us BT is part of BT Group, along with EE, Openreach, and Plusnet. Millions of people rely on us every day to help them live their lives, power their businesses, and keep their public services running. We connect friends to family, clients to colleagues, people to possibilities. We keep the wheels of business spinning and the emergency services responding. ‘We embed diversity and inclusion into everything that we do. It’s fundamental to our purpose: we connect for good.’
BT
We all stick to the same values: Personal, Simple, and Brilliant. From day one, you’ll get stuck in to tough challenges, pitch in with ideas, make things happen. But you won’t be alone: we’ll be there with help, support, learning, and development. This is your chance to make a real difference to the world: to be part of the digital transformation of countless lives and businesses. Grab it.
#J-18808-Ljbffr
