SIEM Software Engineering Lead
Job Req ID: 47802
Posting Date: 12 Jun 2025
Function: Cyber Security
Unit: Networks
Location: Snowhill, Birmingham, United Kingdom
Salary: Competitive with Great Benefits
Why this job matters
The new Network SIEM is essential to BT’s network security, meeting TSA requirements and improving our CAF level. As the SIEM DevOps with SysOps Software Engineer, you will play a critical role in designing, developing, implementing, and maintaining our strategic SIEM platform as part of the Security Engineering platform team. You will lead the implementation of the SIEM Automation strategy and oversee the SIEM Platform Automation team.
This role is hybrid (3 days in the week) and can be based in Birmingham, Manchester, or Ipswich (Ipswich only for existing BT employees).
What you’ll be doing
1. Kubernetes DevOps/SysOps Engineering: managing Kubernetes clusters and container orchestration, automating deployment, scaling, and management of containerized applications.
2. Implementing best practices for Kubernetes configuration and security.
3. Configuring, deploying, and maintaining Elastic Stack on Kubernetes (ECK).
4. Working with log collection tools and technologies (Beats, Elastic Agent, Logstash), syslog, and other data collection protocols.
5. Collaborating with cross-functional teams to streamline software delivery and automate deployment pipelines using CI/CD tools.
6. Troubleshooting issues along the CI/CD pipeline.
7. Providing technical leadership within a high-performing team delivering security tools for BT.
8. Participating in the SIEM/CDP log onboarding team, delivering functionality aligned with requirements.
9. Acting as product owner, breaking down requirements into product backlogs for planning.
10. Leading complex technical deliverables, ensuring timely and within-budget completion.
11. Developing professional cyber skills and mentoring others.
12. Contributing to operational processes, policies, and procedures.
13. Driving continuous improvement within the team.
14. Becoming a recognized expert in at least one Cyber technology.
15. Engaging with program managers to ensure security architecture alignment.
16. Providing coaching and mentoring within and outside the team.
17. Maintaining a growth mindset and a desire to learn and teach.
18. Owning or providing input into shared infrastructure development.
Skills Required for the Role
Essential:
* SIEM experience with Elastic Stack (ELK)
* Knowledge of ArgoCD, Terraform
* Knowledge of CI/CD tools (Ansible, CircleCI, Jenkins, Parker, Terraform)
* Knowledge of offensive testing frameworks
* Message processing using Kafka, RabbitMQ
* Knowledge of Linux, Windows, and Network Administration
* Knowledge and experience of cloud services (public or private), OpenStack, and Kubernetes
* DevOps qualifications
* Knowledge of Telecoms Security Act (TSA)
* Knowledge of architectural concepts such as microservices and service mesh
* Strong understanding of security policies and regulatory frameworks
Experience:
* Bachelor’s/Master’s degree in relevant fields
* 5+ years in a DevOps role with ownership of critical platforms
* Leadership experience in managing a DevOps team
Benefits
* On-target 10% bonus
* BT Pension scheme with contributions
* Family leave policies
* Enhanced health support
* 25 days annual leave
* Virtual GP appointments
* Carer’s leave
* Training and development opportunities
* Option to join BT Shares Saving schemes
About us
BT Group is a pioneering telco with a rich heritage, leading major digital infrastructure projects, and committed to transforming connectivity and customer experience. We embrace diversity and encourage applications from candidates of all backgrounds, including those with flexible working arrangements.