At a Glance
- Tasks: Join our team as a SIEM Application Engineer, focusing on security solutions and threat detection.
- Company: BT Group is a leading telecom company, transforming digital infrastructure in the UK.
- Benefits: Enjoy competitive salary, flexible working, 25 days leave, and world-class training opportunities.
- Why this job: Be part of a dynamic team driving innovation in cybersecurity and making a real impact.
- Qualifications: Bachelor’s/Master’s in Computer Science or related field; 5+ years in cybersecurity engineering required.
- Other info: Hybrid role with opportunities for personal growth and mentoring within a supportive environment.
The predicted salary is between £42,000 and £84,000 per year.
The new Network SIEM is essential to BT’s network security, meeting TSA requirements and improving our CAF level. Your role as a SIEM Application Engineer in Security Engineering is to contribute to the development, implementation, operation and support of BT's Strategic SIEM. We are seeking a skilled SIEM Application Engineer with expertise in Elasticsearch to join our dynamic team. As a SIEM engineer, you will play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture.
This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich (Ipswich only applicable to existing BT employees).
What you’ll be doing:
- SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection.
- Query Optimization and Performance Tuning: Write efficient Elasticsearch queries to retrieve relevant security events. Monitor and manage the performance of the SIEM infrastructure.
- Security Engineering: Contribute to security engineering projects, transitions, and transformations. Work closely with security operations and associated security incident response systems.
- Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka. Enhance data enrichment by integrating threat intelligence feeds and contextual information.
- Knowledge-sharing: Take part in team discussions, help define and improve working procedures, and help organise team events. Help colleagues in the team to grow by mentoring when required.
Skills Required for the Role:
- Security and Compliance with Elastic Security: Set up access controls, authentication, and encryption using Elastic Security features. Ensure compliance with data protection regulations.
- Detection Rule Development: Ability to create, test, and optimise detection rules to identify suspicious activities and potential threats based on the MITRE ATT&CK Framework.
- Performance Tuning with Elasticsearch and Logstash: Fine-tune query performance using Elasticsearch indices and mappings. Monitor Logstash pipelines and optimize resource utilization.
- Kibana Visualization and Monitoring: Leverage Kibana for data visualization, dashboards, and real-time monitoring.
- ETL Processes with Logstash: Design, develop, and maintain data pipelines using Logstash, part of the Elastic Stack.
- Beats for Data Collection: Proficiency in configuring and managing agents, including setting up agent policies for various operating systems.
- Database Architecture and Scaling with Elasticsearch: Optimize data storage and retrieval mechanisms within Elasticsearch clusters.
- End-to-End Solution Delivery: Expertise in taking ownership of a requirement from start to finish, including gathering detailed requirements, designing, and implementing robust, innovative solutions.
Experience Required for the Role:
- Mandatory: Bachelor’s/Master’s degree in Computer Science, Information Systems, Engineering, or other related fields.
- 5+ years of engineering experience in delivering cybersecurity solutions.
- Experience in key cyber technologies such as SIEM technologies (Elastic preferred), vulnerability management, access management and other commonly used Enterprise security controls.
From January 2025, equal family leave: receive 18 weeks at full pay, 8 weeks at half pay and 26 weeks at the statutory rate. It’s for all parents, no matter how your family is made up. Enhanced women’s health support: including help with menopause symptoms, cancer screenings, period care and more. 25 days annual leave (not including bank holidays), increasing with service. 24/7 private virtual GP appointments for UK colleagues. 2 weeks carer’s leave. World-class training and development opportunities. Option to join BT Shares Saving schemes.
About us: BT Group was the world’s first telco and our heritage in the sector is unrivalled. As home to several of the UK’s most recognised and cherished brands – BT, EE, Openreach and Plusnet, we have always played a critical role in creating the future, and we have reached an inflection point in the transformation of our business. Over the next two years, we will complete the UK’s largest and most successful digital infrastructure project – connecting more than 25 million premises to full fibre broadband. Together with our heavy investment in 5G, we play a central role in revolutionising how people connect with each other.
Although these roles are listed as full-time, if you’re a job share partnership, work reduced hours, or any other way of working flexibly, please still get in touch. We will also offer reasonable adjustments for the selection process if required, so please do not hesitate to inform us.
SIEM Application Engineer employer: BT Group
Contact Details:
BT Group Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land the SIEM Application Engineer role
✨Tip Number 1
Familiarise yourself with Elasticsearch and its features, as this role heavily relies on it. Consider joining online forums or communities where you can discuss best practices and recent developments in Elasticsearch.
✨Tip Number 2
Network with current employees at BT or those in similar roles. Use platforms like LinkedIn to connect and ask about their experiences, which can provide valuable insights into the company culture and expectations.
✨Tip Number 3
Stay updated on the latest trends in cybersecurity, especially regarding SIEM technologies. Follow relevant blogs, attend webinars, and participate in workshops to enhance your knowledge and show your commitment to the field.
✨Tip Number 4
Prepare for potential technical interviews by practising common Elasticsearch queries and performance tuning scenarios. This will help you demonstrate your expertise and problem-solving skills during the interview process.
Some tips for your application 🫡
Tailor Your CV: Make sure to customise your CV to highlight your experience with Elasticsearch and SIEM technologies. Emphasise relevant projects and achievements that align with the job description.
Craft a Compelling Cover Letter: Write a cover letter that showcases your passion for cybersecurity and your specific interest in the SIEM Application Engineer role. Mention how your skills can contribute to BT's security objectives.
Highlight Relevant Skills: In your application, clearly outline your expertise in areas such as query optimisation, data ingestion, and performance tuning with Elasticsearch. Use specific examples to demonstrate your capabilities.
Showcase Continuous Learning: Mention any recent training, certifications, or conferences related to cybersecurity and SIEM technologies. This shows your commitment to staying updated with industry trends and best practices.
How to prepare for a job interview at BT Group
✨Showcase Your Technical Skills
Be prepared to discuss your experience with Elasticsearch and SIEM technologies in detail. Highlight specific projects where you've designed or optimised SIEM solutions, and be ready to explain the technical challenges you faced and how you overcame them.
✨Understand the Company’s Security Objectives
Research BT's current security initiatives and understand their strategic goals. This will allow you to tailor your responses to demonstrate how your skills align with their objectives, particularly in enhancing threat detection and incident response.
✨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving abilities in real-world scenarios. Practice articulating your thought process when faced with security incidents or performance tuning challenges, as this will showcase your analytical skills and practical experience.
✨Emphasise Collaboration and Mentorship
Since the role involves working closely with security analysts and mentoring colleagues, be ready to share examples of how you've successfully collaborated in teams. Discuss any experiences where you've helped others grow or contributed to team success.