We are looking for candidates who are interested in working 24x7 shifts. The initial pattern will cover normal working hours ( 8AM-8PM ), with the strong possibility of moving into 24x7 cover in the short/medium term.
Technology, Distribution & Archive Division (TD&A) is a group within BBC Operations. They set the technology strategy for the BBC, delivering on projects of all sizes up to and including multi-million pound technology infrastructure and software projects. They also ensure IT and telephone infrastructure availability for all BBC platforms and systems and have responsibility for keeping our radio and news channels on air and on-line.
The role of the Information Security team is to maintain and promote good governance of Information Security within the BBC and its partners; create, monitor and maintain appropriate policies, standards and guidelines and ensure compliance with the same and all relevant statutory requirements.
The responsibilities of the Information Security team include development and enforcement of Information Security policies, identification of Information Security risks, managing security incidents and raising staff awareness around Information Security.
This role is to support the Manager of Information Security Special Project - Security Operations Centre (SOC) in ensuring that BBC’s information is protected, in accordance with the needs of the business and according to Information Security principles of availability, integrity and confidentiality. This role also provides direct support for the Security Operations Centre Design project and supports the technical implementation of the Security Incident and Event Management (SIEM) toolset.
Other duties will include:
- Responsible for the day to day management of two Security Operations Centre (SOC) Analysts
- Responsible for building relationships with teams across the BBC to understand current and future security threats and vulnerabilities at the direction of the SOC Manager.
- Steer work on the design and operation of current and future toolsets that will support the SOC development, as per current understanding of future scenarios; namely alerting, monitoring and reporting.
- Accountable for the development of long and short technical capabilities, including software and hardware requirements; gathering business requirements; developing initial findings and working to agree a prioritised list of technical capabilities and projects with the assistance of the SOC Analyst.
- Support SOC development roadmap by delivering BBC SOC capabilities to the business and championing new ideas and initiatives to help improve new and existing capabilities
- Make recommendations to various project teams and sponsors across the business with regard to Security Monitoring requirements and log data feeds
- Responsible for ensuring all relevant technical standards and policy documentation is reviewed and maintained thought-out each if the SOC technical capabilities
- Manage technical relationships with key personnel within BBC Technology to ensure that all work is aligned to help deal with any issues or problems and the same are followed up and dealt with appropriately.
- Represent the Information Security team at internal and external meetings and forums as agreed by the SOC Manager.
- Excellent knowledge of IT Security best practices
- Broad infrastructure and technology background including demonstrable understanding of security operations in mission critical environments
- Good communication skills both written and verbal
- Highly effective and creative problem-solving skills
- In-depth knowledge of security issues inherent in common corporate environments
- Ability to prioritise workloads and to know when to seek guidance
- Proven technical ability and experience in Unix/Linux/etc
- Proven technical ability and experience with Microsoft Windows
- Proven technical ability with networking systems
- Experience of performance management/managing people
- Proven experience in the operation and management of SIEM technologies
- Experience in operating and managing Splunk or similar big data forensic technologies
- Experience in operating VMware implementations
- Understanding of ISMS concepts
- Ability to convey and explain complex technical information to technical staff.
- Relevant Degree in advanced studies in Information Security, preferred but not essential
- CISSP, preferred but not essential
- Other relevant technical professional qualifications preferred but not essential
- Any relevant research material in Information Security