Network Security Compliance Specialist - Birmingham, United Kingdom - BT Group

    BT Group
    BT Group Birmingham, United Kingdom

    2 weeks ago

    BT Group background
    Telecommunications
    Description

    This role is fundamental to maintaining the BT Network Management Systems Security posture. As a business we need to be proactive in identifying security issues, highlight concerns and reduce risk. This works in tandem with our ability to react quickly and effectively when operations are threatened by issues outside of BT's risk appetite.

    Ensuring the security of BT's complex architecture, applications and services in-line with the expectations of our customers is a prime objective of our business. Appraising the risk BT faces from the wider connected world this role assures the protection of BT Group's brands and reputation, supports improvements to our Security controls and helps maintain BT's critical business operations.

    You will undertake risk based connectivity assessments for intra BT and third party interconnect. Consider the potential for any interconnect to expose vulnerabilities within our network through our perimeter or across internal security domains. This role requires the ability to understand complex network infrastructure and supporting connectivity technologies and how it is applied in the context of the BT estate. You will be able communicate issues and concerns to stakeholders with differing levels of technical ability and present arguments for change or mitigation. You will have an understanding of other risk and compliance areas across BT Security where those key stakeholder risks impact the logical interconnect processes. This role supports BTs ability to connect its networks, applications and customer across and outside of the BT estate. It is a key part of the application deployment process and as such the role has a direct impact on operational activities PAN BT. As a result, you will be called upon to support time sensitive business critical deliveries with Senior stakeholders, working to deliver solutions that balance the business need with any additional risk

    What you'll be doing

    • Support deployment teams to establish workable interconnect solutions and designs. Provide feedback on issues identified for new deployments, legacy migrations as they are deployed on to new technologies
    • Engage in stakeholder reviews for complex interconnect issues, managing interdependencies between applications and security domains.
    • Provide technical advice and guidance Pan BT for Interconnect Security Governance, approvals and policy for all of BT's Corporate Applications and Firewall Estate
    • Due to BTs complex network structures you will need to be able to identify where the requested interconnect requirements will not produce the expected outcome. You are able to provide guidance and recommendations for alternate solutions.
    • Collaborate with wider stakeholders, policy and standard owners to ensure interconnect alignment and review in a changing environment. Provide feedback on automation requirements for interconnect tooling, enabling the interconnect workflow to mature
    • Responsible for strategy and delivery of Remote access controls into BT's & UK's Critical Network & systems.
    • Responsible for Identifying security risks, developing mitigation controls that reduce the possibility of the risks occurring.
    • Responsible for ensuring security controls are factored into BT's architectural decisions and subsequently into the design and implementation of BT's remote user access for both BT employee and 3rd party/Vendor support teams' access to BT networks and services.
    • Accountable for the auditing and correction of user access provision.

    What you'll bring

    Must Have:

    • Experience of connecting different technologies, networks, systems and applications both internally & externally
    • Understanding of complete End to End assessment of system security, from end user access to server technical compliance.
    • Access control Policy knowledge, design and understanding of roles and responsibilities in a technical role.
    • Technical background in large scale network & IT environments.
    • The ability to communicate technical requirements either verbally or written to a diverse group of customers with differing technical skill levels
    • Experience in technical decision making.

    Nice to have:

    • A very good understanding of large scale networks and the security controls therein
    • Membership of a pertinent Security/technology professional body: To hold an external IT networks or security qualification (e.g. CISSP, CISM M.IISP, CRISC)
    • Demonstrable analytical skills to ensure technical risks are fully understood and mitigation solutions can be correctly identified and implemented at a system and local level as required.
    • Proven strong customer facing skills.
    • Efficient problem solver in enterprise environment.
    • Ability to work as part of a team as well as under minimal supervision.
    • Time management skills.