BT UK Jobs – Validation Professional

About the job

About BT

BT has a key role in British society, fostering change and leading technology innovation. From delivering the Olympics, to supporting the emergency services, to investing more into research than any other UK technology company, we take pride in everything we do – and in the people who work here.

We’re now a global company operating at the forefront of the information age, employing 90,000 people in 180 countries. And we’re on a mission. Guided by our core values of Personal, Simple and Brilliant our goal is to help customers, communities and businesses overcome barriers and release their potential.

So, if you’re interested in the power of potential, why not join us today and release yours? You can read more here about what it’s like to work at BT.

Location(s): Belfast, Manchester, Ipswich, London, Bletchley, Birmingham

About the role

To protect the confidentiality, integrity, and availability of BT’s information assets, by providing a technical vulnerability/compliance environment that provides accurate, complete and timely notification of vulnerabilities/non compliances to operational teams in a manner that supports their remediation/mitigation.

Providing visibility of security tool compliance, and vulnerability monitoring for BTs complete ecosystem allows BT to ensure that the technical capabilities deployed control the risk they were intended to, as well as ensuring gaps in compliance can be mitigated. This is particularly the case where vulnerabilities are high risk and being actively exploited.

Responsibilities

Primary responsibilities are performing 2nd line assurance activities within the Vulnerability Management Programme. Working across a high performing team to ensure our roles and responsibilities are delivered across the business driving our corporate goals.

You will also have backup responsibilities for Vulnerability Management, Incident Management, Tooling and Compliance and Management responsibilities.

Collaboration: Working across 1st Line Assurance and Operational teams to address control risks and or critical cyber risks requiring business remediation. Providing validation of controls and evidence of remediation where required.

2nd Line Assurance: Responsible for providing 2nd Line assurance and compliance, to ensure governance frameworks and controls are operating effectively across the organisation. Providing appropriate level of assurance reporting to range of key stakeholders demonstrating compliance or non-compliance across our Polices/Standards/benchmarks and risk controls.

Reporting: Responsible for providing assurance reporting across risk controls covering in-life effectiveness, KPIs, control statistics, in-effectiveness and end to end business reporting. Supporting the development of clear and insightful materials and presenting in a variety of forums to manage and maintain stakeholder interaction and senior stakeholder engagement. Communicates risk, compliance, assurance and learning in support of the policies and standards to be implemented across the business.

Business Insights: Responsible for undertaking in depth analysis across cyber risks/controls. Identifying compliance to these controls, highlighting any gaps within these controls or common themes or trends which impact the effectiveness of these controls. Presenting your findings to senior management and key stakeholders across the company to drive compliance and reduction of cyber risk.

Team Working: Working across the vulnerability management team to support one another to achieve our roles & responsibilities. Sharing knowledge and skills/learning to improve our capabilities.

Transformation: Support in key accountability areas or major projects in own area, performing short and long-term performance analysis, reporting and planning to support formulation of business plans aligning to strategic agenda/goals and deriving accurate insights and identifying early indicators of issues or risks to strategy and/or objectives delivery

Functional Requirements: Responsible for ensuring risk/security controls meets the business requirements, and where new requirements arise working with architecture & operational teams to deliver whilst providing prioritisation for development & deployment.

Skills & Experience

• Experience of delivering compliance for security environments, specifically vulnerability management and secure configuration. (Mandatory)
• Managing complex data sets, from a variety of tools, to manage control mitigation, where this is not possible in existing security tools. (Mandatory)
• Working with diverse operational teams to effectively mitigate key control failures (Mandatory)
• Practical experience in one of IT Security, Physical Security, Systems Development, Systems Support / Operation (Mandatory)
• Practical experience of defining key control indicators for operational effectiveness of tools (Mandatory)
• Experience of ethical hacking, vulnerability management, social engineering is essential.
• Actively participated in strategy setting sessions
• Been a spokesperson for others on issues of integrity

Benefits

Competitive salary + 10% Bonus

25 days’ annual leave (excluding bank holidays)

Pension (5% you 10% BT) and Share options available.

Flexible benefits to fit around you (Your Rewards)

Discounted mobile phone up-to 50% off plans

About British Telecom

We’re the leading communications provider with customers in 180 countries. Across the world we enable customer’s digital transformations so they can thrive. our focus is simple: be the global provider-of-choice for managed network and IT infrastructure services.