Cyber ASG - Qradar(Linux)

Cyber Application Support Group Specialist (ASG)
QRadar (administration, maintenance, management) and Linux - mandatory
will have good understating of security
vulnerability, malfunction
24*7 shift 300 per night shift US shift / 500 / can go upto 5000 in a month
internet / mobile reimbursement over and above the salary
cab facility
2.5-3 to 8 years

Job Description Cyber Application Support Group Specialist Job Details Job title Application Support Group Specialist/Analyst(ASG) Reports to (job)
Senior Commercial Cyber Specialist Team Global Services / BT Security Location The main location in which the job takes place, mentioning travel if relevant Job Dimensions Administrate and configure security application systems, resolve technical issues on production environments in conjunction with providing post mortem updates as well as root-cause analysis.
Hours FTE (40 hrs) , 24x7 shift , with out-of-hours attendance and on-call cover as when required. DRs Number of DRs- NO Job grade VRJ5 Number of dotted DRs NO Why BT? We've always been an organisation with purpose; to use the power of communications to make a better world. You can trace this back to our beginning as pioneers of the world's first telecommunications company. At our heart, we're a technology company with research and innovation in our bones, and a desire to be personal, simple, and brilliant for our customers. Those are the values we live by. Creating an inclusive working environment where people from all backgrounds can succeed.

Our pursuit of progress over the past 180 years has established BT as a strong, successful brand, with huge scale, capable of achieving great things. From supporting emergency services, hospitals, banks and keeping economies around the world online, safe, and secure. To delivering large scale technology infrastructure like the creation of BT Sport.

Today, in this fast changing, always on, digital world, our purpose remains true. Yet the market conditions, regulation and competition we face are tougher than ever before. So if you have the drive, optimism, and resilience to help propel us forward, we'll offer unrivalled personal development, a wealth of opportunities to learn, experience new things, and pursue new careers. If that's you, and what you're looking for. We'd love you to be part of our future.
Why this job matters
The role holder will be joining the ASG (Application Support group) and will be responsible for supporting both third party and BT proprietary Applications used within the commercial releases of BT's SCP (Secure Cyber Platform) suite. The primary function of the role holder will be to answer application requests from the customers, to ensure that applications remain available and operational. This is to be done in a timely and cost effective manner, whilst documenting their work and reporting the outcome and platform's status.

• The role may require the successful applicant to work via shift rotation and may demand extra hours during high level or priority incidents.
• The role holder will be responsible for ensuring a handover takeover is completed at the start and end of each working day.
• The role holder will also leverage their existing knowledge and skills in order to suggest improvements to both process of the ASG and to the applications themselves.

What I'll be doing your accountabilities The skills you need

• Diagnose and resolve complex incidents where solution may not be clear or procedure may not exist identified through proactive monitoring or escalated by a less senior engineer.
• Deliver technical support for maintaining and improving the integrity of the customer's security information processes and systems.
• Responsible for communicating the relevant BT security procedure and/or process pan-BT.
• To support the delivery of security services that influence and/or provide the security infrastructure for BT's customers.
• Monitor alerts related to applications system components/modules/procedures and provide services proactively.
• Support the investigation and resolution and where necessary report incidents involving potential or actual breaches of protective security compliance.
• Manage production systems and recommend ways to optimize performance, and report application defects to vendors/developers to obtain resolutions.
• Complete a handover takeover at start and end of shift to the next on shift team. (Next team may be remote)
• Make use of change control tactics, with recovery and roll back options to ensure minimal risk to live operations.
• To deliver security vulnerability and patch management.
• Administrate and configure security application systems, resolve technical issues on production environments in conjunction with providing post mortem updates as well as root-cause analysis.
• Working with the Platform team on system level issues.
• Providing training where necessary to new members of the team.
• Defining, documenting and improving support processes for services and applications; implementing automation where possible.
• Provide stakeholder communications e.g. rapid response system
• Timely escalation to protect service and agreed timescales e.g. change window, Incident SLA
• Assist with further developing the capabilities of BT's principal advanced security platforms and offerings.
• Work with customers to train them on new capabilities and evolve existing capabilities continuous deployment.
• Liaise with engineering teams within BT to maintain visibility of internal roadmaps and to provide feedback obtained from experience obtained from delivery and operations activities.
• Deliver a great customer experience.

Mandatory Skills:

• IBM QRadar Administration , Maintainanace , managements and platform incident
• Linux/Windows Admin, SIEM(QRadar)
• Deep understanding of QRadar SIEM architecture and flow , environment.
• An understanding of operational procedures for live operational environments (Risk Analysis, Change Control, Incident Response, Root Cause Analysis)
• Great interpersonal and customer skills.
• Documentation and reporting skills.

OTHER PREFERRED in order of relevance ::

• AWS administration experience
• Applied experience of scripting skills to find innovative approaches to problems.
• Scripting in a language such as Python or Bash.

• Knowledge of continuous delivery environments and technologies such as Puppet.

• Applications support experience, experience in one or more of the following technologies:

• Cloudera (Hadoop, CDH, Manager, Navigator, Sentry, Kafka, Spark, Hbase, HDFS, Yarn, MapReduce)
• Hue (Beeswax, Oozie, Impala, Hive)
• Elastic (Elasticsearch, Kibana, and their plugins),Splunk
• Jira,Opsview,Nagios

Leadership accountabilities Experience you would be expected to have

• Providing advice and assistance to team members
• No formal managerial responsibilities for people

MANDATORY

• IBM Qadar-SIEM Administration , Maintainanace , Managements, support and platform incident handling
• Linux/Windows Admin, SIEM(QRadar)
• Having Cyber Security knowledge and keen bent of mind to learn and move into the Security domain

OTHER PREFERRED in order of relevance

• Scripting Bash, Python and AWS administration.
• Certification - RHCE, Qradar
• Elastic search Kibana,Splunk
• Tools- Jira, OpsView, Nagios

SIEM Administration and Support - (Splunk, Logrhythm)


Key decisions If the job has key decision rights list these here
(see RAPID guidance) You are authorised to access, use or disclose customer information only when you need to do so to perform your operational duties under the agreed NDA. Any other access, use, or disclosure may only be made on receipt of additional authority from the information owner