SIEM Software Engineering Lead (Snowhill, Birmingham, United Kingdom)

The new Network SIEM is essential to BT’s network security, meeting TSA requirements and improving our CAF level. Being the SIEM DevOps with SysOps Software Engineer you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the Security Engineering platform team, leading the implementation of the SIEM Automation strategy and providing guidance and oversight of the SIEM Platform Automation team. This role is hybrid (3 days in the week) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich only applicable to existing BT employees).

What you’ll be doing:

• Kubernetes DevOps/SysOps Engineering role managing Kubernetes clusters and container orchestration, automating deployment, scaling, and management of containerized applications.
• Implement best practices for Kubernetes configuration and security.
• Configuration, deployment and maintenance of Elastic Stack on Kubernetes (ECK).
• Work with log Collection Tools and Technologies (Beats, Elastic Agent, Logstash), syslog and other data collection protocols.
• DevOps/SysOps Engineering collaborating with cross-functional teams (development, operations, and QA) to streamline software delivery and automating deployment pipelines using CI/CD tools.
• Troubleshoot issues along the CI/CD pipeline.
• Technical leadership working in a high performing team of engineers delivering state of the art security tools for BT.
• Be an active member of the SIEM/CDP log onboarding team, delivering SIEM/CDP functionality in line with the requirements.
• Act as product owner, breaking down top level requirements into product backlogs as part of quarterly/sprint planning.
• Lead on several complex technical deliverables ensuring work is completed on time and within budget.
• To continually develop professional cyber skills and awareness, to always remain ahead of our attackers, and develop the skills of others in the unit.
• To own / provide input into development and implementation of operational processes, policies and procedures, including platform and SecOps processes.
• Proactively drive forward continuous improvement within the team.
• To be/become a recognized expert in at least one Cyber technology.
• Interface with program and project managers to ensure appropriate security architecture engagement as necessary.
• Provide effective technology coaching and mentoring both inside and outside the team.
• Growth mindset and a desire to learn, teach, and improve skills.
• Previous ownership of mission-critical shared infrastructure.

Skills Required for the Role:

• Essential:
• End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions.
• Experience with containerization technology and orchestration platforms e.g. Docker, Kubernetes.
• Hands-on experience in installing, configuring, operating, and monitoring CI/CD pipeline tools.
• Experience in Python, JavaScript, Golang.
• Vast working experience on Gitlab CI or GitHub Actions.
• Experience in monitoring tools such as Grafana, ELK.
• Experience in Agile software development systems and JIRA Tools.
• Understanding IT, network services and security.
• Ability to collaborate effectively with others to drive forward key security objectives.
• Strong communication skills including presentation and documentation writing (to both technical and business audiences).
• An aptitude for autonomous learning as required by the demands of the business.
• Proven problem-solving abilities.
• Assertiveness, and the ability to drive through change.
• Excellent team working skills including the ability to work effectively within a geographically disparate team.
• Advantageous:
• SIEM Experience with Elastic Stack (ELK).
• Knowledge of ArgoCD, Terraform.
• Knowledge of CI/CD tools Ansible, Circle CI, Jenkins, Parker, Terraform.
• Knowledge of Offensive testing frameworks.
• Message processing using Kafka, Rabbit MQ.
• Knowledge of Linux, Windows and Network Administration.
• Knowledge and experience of cloud services (public or private), OpenStack and K8S.
• DevOps qualifications.
• Knowledge of Telecoms Security Act (TSA).
• Knowledge of architectural concepts such as microservices, service mesh.
• Strong knowledge of security policy/regulatory frameworks.

Experience Required for the Role:

• Bachelor’s/Master’s degree in Computer Science, Information Systems, Engineering, or other related fields.
• 5+ years experience in a Dev Ops Role demonstrating ownership of a critical platform.
• Experience leading a Dev Ops squad providing oversight and leadership for the members.

Benefits:

• On target 10% on target bonus.
• BT Pension scheme, minimum 5% Employee contribution, BT contribution 10%.
• From January 2025, equal family leave: receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It’s for all parents, no matter how your family is made up.
• Enhanced women’s health support: including help with menopause symptoms, cancer screenings, period care and more.
• 25 days annual leave (not including bank holidays), increasing with service.
• 24/7 private virtual GP appointments for UK colleagues.
• 2 weeks carer’s leave.
• World-class training and development opportunities.
• Option to join BT Shares Saving schemes.

About us:

BT Group was the world’s first telco and our heritage in the sector is unrivalled. As home to several of the UK’s most recognised and cherished brands – BT, EE, Openreach and Plusnet, we have always played a critical role in creating the future, and we have reached an inflection point in the transformation of our business. Over the next two years, we will complete the UK’s largest and most successful digital infrastructure project – connecting more than 25 million premises to full fibre broadband. Together with our heavy investment in 5G, we play a central role in revolutionising how people connect with each other. While we are through the most capital-intensive phase of our fibre investment, meaning we can reward our shareholders for their commitment and patience, we are absolutely focused on how we organise ourselves in the best way to serve our customers in the years to come. This includes radical simplification of systems, structures, and processes on a huge scale. Together with our application of AI and technology, we are on a path to creating the UK’s best telco, reimagining the customer experience and relationship with one of this country’s biggest infrastructure companies. Change on the scale we will all experience in the coming years is unprecedented. BT Group is committed to being the driving force behind improving connectivity for millions and there has never been a more exciting time to join a company and leadership team with the skills, experience, creativity, and passion to take this company into a new era.

A FEW POINTS TO NOTE: Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch. We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us.

DON'T MEET EVERY SINGLE REQUIREMENT? Studies have shown that women and people who are disabled, LGBTQ+, neurodiverse or from ethnic minority backgrounds are less likely to apply for jobs unless they meet every single qualification and criteria. We’re committed to building a diverse, inclusive, and authentic workplace where everyone can be their best, so if you’re excited about this role but your past experience doesn’t align perfectly with every requirement on the Job Description, please apply anyway - you may just be the right candidate for this or other roles in our wider team.