BT Security Policy Technical Specialist in Ipswich, United Kingdom
Our mission is to break down the barriers of today to release the potential of tomorrow. Join us today and release yours.
About this role
Protecting the security of our organisation is key to the BT brand. Our security policies set the tone and ensure we know how to protect our information and assets. Our organisation is vast, complex and is always changing. There are new technologies along with changes in legislation and our risk appetite that can all have an impact on security policies and how we need to protect our business. We also have to ensure the security controls implemented across the business are fit for purpose and meet their control objectives.
You'll have the following responsibilities
• Security Policies: Ensuring BT has the right security policies and controls in line with risk appetite, legal and regulatory requirements and industry best practice.
• Security Policy Governance: Deliver the framework governance and processes that provides the ongoing development, improvements and maintenance of our security policies, standards and guidelines.
• Security Policy Scope: Ensuring that BT’s security policies aligned with legislation and regulation in all of the geographies (e.g. what do I do as an employee, as a manager to secure BT’s assets etc.)
• Policy Non-Compliance: Operate the process for facilitating non-compliance to security policies.
• Security Policy Metrics: Produce meaningful performance metrics to demonstrate the effectiveness of policy engagement
• Build trusted relationships: with SMEs to analyse and develop security controls. Communicate and agree changes to security standards with Business Unit Owners and Directors through cost/benefit analysis.
• Security Controls: Technical interpretation and implementation of security policy, standard and benchmark requirements across various technologies.
• Solution Focused Achiever
Always delivers ambitious goals, outcomes and timelines. Also cuts through complexity and obstacles to get to the right ethical solution at the right time.
Delivers and coordinate activities and respond positively to challenges.
• Change Agent
Identifies, creates and leads smooth business changes. Adapts quickly and perform effectively – even when there’s ambiguity.
Supports change initiatives locally, adapting quickly and delivering change effectively.
• Collaborative Partner
Understand the agendas and needs of others, alongside the needs of the business. Breaks down silos, and works brilliantly with partners both within and outside of the organisation to deliver business results.
You'll have the following skills & experience
Story-Telling: The ability to articulate the requirement of our security policy, standards and benchmarks and how these can be adhered to or applied in different environments and scenarios.
Business Acumen: A good knowledge of BT’s and Security’s strategies as well as a sound understanding of BT’s risk appetite. On the pulse for emerging trends, new technologies and vulnerabilities that could impact our policies and standards.
Security Knowledge: Highly technical with an expert level of knowledge of a specific security Domain. The recognised expert/go to person for compliance advice both internally and externally, giving specialist advice as necessary.
Membership of a pertinent Security/technology professional body: To hold an external security or risk qualification (e.g. CISSP, CISM M.IISP, CRISC)
Risk Management: An understanding of enterprise risk management. A thorough understanding of BT’s 3 lines of defence model.
Decision making skills: ability to grasp business strategy and analyse, prioritise. Making decisions based on resultant commercial impacts and security issues.
Practical technical experience in one of IT Security, Systems Development, Systems Support / Operation; Specialising in at least one domain. (Mandatory)
Experience of delivering security frameworks, policies & processes. (Mandatory)
Experience of delivering governance and assurance activities in a complex business environment. (Mandatory)
Experience of provide guidance on the delivery of security solutions for IT environments. (Preferred)
Experience of writing security or design documentation e.g. Policies, Standards, Benchmarks or Secure Designs. (Preferred)
Bonus is 10 percent .
Broadband is included .
Medical benefits as well as dental can be purchased through our Rewards site.
BT does offer discounted mobile phone and sim plans to employees.
You can join the BT share saves at reduced rates.
Further benefits such as Travel Insurance, Gym Membership, buying holiday etc. can also be purchased through our Rewards site.
If you’re a member of the BTRSS you’re covered for ten times your pensionable salary up to an overall amount of the prevailing Lifetime Allowance (£1,055,000in 2019/20)
You’ll join the BTRSS on the day you start work. At the moment the minimum contributions are:
Yours – five per cent of your pensionable salary.
Ours – ten per cent of your pensionable salary.
BT has a key role in British society, fostering change and leading technology innovation. From delivering the Olympics, to supporting the emergency services, to investing more into research than any other UK technology company, we take pride in everything we do - and in the people who work here.
We're now a global company operating at the forefront of the information age, employing 90,000 people in 180 countries. And we're on a mission. Guided by our core values of Personal, Simple and Brilliant our goal is to help customers, communities and businesses overcome barriers and release their potential.
So, if you're interested in the power of potential, why not join us today and release yours? You can read more here about what it's like to work at BT at https://www.btplc.com/Careercentre/lifeatbt/index.htm
How to Apply
It's easy to apply online; you just need a copy of your up-to-date CV and to follow the step-by step process. Don't worry if you need to make changes - you'll have the opportunity to review and edit your work on the final page. We look forward to receiving your application!
Strong understanding of security policy, standards and frameworks and how they fit together.
Strong technical skills in relation to what defines a securely built asset, such that the individual can decide, on a risk assessed basis, if a specific control is required.
Strong technical skills in relation to technical baselines, with the ability to ensure that the baseline meets the intention of its superior specification or standard.
The ability to work with control owners to ensure that technical controls implemented are able to effectively and accurately measure technical baselines.
Strong communication skills, focusing on the ability to explain in simple terms the requirements needed for standards, subsequent controls and the risks associated to these.
Job: Cyber security
Title: Security Policy Technical Specialist
Location: GBR %26 Ireland-GBR-Suffolk-Ipswich
Requisition ID: 140653
Other Locations: UK %26 Ireland-United Kingdom-Buckinghamshire-Milton Keynes, UK %26 Ireland-United Kingdom-London-London