Briefing Document

Cyber Security Programme

October 2011

Strictly Private & Confidential

Contents
Introduction to Strategic Selection BT Global Services Company Profile BT Cyber Security Beyond Security Cyber Defence Managed Services Roles Principle Consultant Managing Consultant Senior Consultant Senior Deal Architect Cyber Analyst Business Analyst Solution Architect 3 3 4 5 7 7 10 13 15 16 18 20

Contacts
Ross Kent Email: Mobile: ross@stratsel.com 07768 092 819 Phil Foulkes mail: Mobile: phil@stratsel.com 07836 213 908

Toby Idle Email: Mobile : toby@stratsel.com 07818 066 892

Introduction to Strategic Selection

Strategic Selection are a leading International Executive Search business operating within the ICT marketplace established in 1988. With UK offices in Ascot and an international presence in Geneva,

Switzerland and Johannesburg, South Africa we truly have an international footprint. We pride ourselves on long term partnerships with both clients and candidates alike for example, having worked with Cisco Systems for over 13 years.

We have been exclusively retained by BT Global Services to partner with them as they embark on a significant expansion of their Cyber Security practice to meet with the growing demand in this particular practice.

BT Global Services Company Profile

BT Global Services is a division of the BT Group. It delivers a combination of communications and IT services to over 10,000 organisations and governments worldwide. Its customers include over 25% of the global Fortune 500 and it is the largest supplier of networked IT services to UK government. BT Global Services employs around 22,000 people globally, with one of the largest professional services capabilities in its industry. Total income for BT Global Services in 2010-2011 was 8.047bn. The company offers networked IT services over its global 21st century network (21CN) to customers in more than 190 countries. BT's global capabilities include MPLS service in 197 countries, satellite services in 112 countries, telehousing facilities in 9 countries, 7 global development centres in 4 countries, 19 global service centres in 12 countries and 9 security operation centres in 5 countries.

Customers
BT Global Services manages the global networked IT estate for major multinational companies such as Fiat, PepsiCo, Procter & Gamble and [[ the European network for global pharma company Wyeth, the global data network for China Shipping, and the in-bound voice services for Air China. BT Global Services is one of the UKs leading suppliers of networked IT services for public and corporate sector customers. BT Global Services flagship government contract is with the National Health Service (NHS). The NHS Connecting for Health department and BT are building the NHS Spine, one of the world's largest transactional databases that forms the core of the NHS Care Records Service.

BT Cyber Security
The protection of the UK's infrastructure and systems from cyber treats is a key strategic priority, with cyber attack identified as a top tier risk over the next five years. Already the official numbers from the UK government suggest it costs the country 27bn per annum with most advisors agreeing that the true figure could be up to 3 times that number.

BT is at the forefront of protecting government institutions through to top level corporate companies in the financial and commercial worlds from such losses and is looking to extend its enviable trusted advisor status across these sectors by providing best in class services to protect their clients.

Due to the rapid growth of this sector and BTs preeminent position multiple opportunities now exist through most disciplines for fully qualified and motivated individuals to join one of BTs flagship business areas.

BT Global Services

Overview

Beyond. Security
Cyber Defence Managed Service (CDMS)
Understanding the cyber threat
Cyber attacks are on the increase. It seems that almost every day the media report on yet another serious security breach and that no one is immune. The consequences of a cyber attack are far reaching. Apart from the obvious damage that hacking causes to systems and networks; negative press, loss of credibility, loss of customers (and revenue) and long-term damage to brands can set an organisation back decades. Some may never recover. Two of Sonys online gaming services were recently hacked, resulting in the theft of confidential data of more than 100 million customers1. Citibank has confirmed that hackers have stolen data from thousands of their customers in the US.2. And the International Monetary Fund (IMF) also announced that they have fallen prey to a very major breach3. A cyber attack could affect your entire business operation and is not just an issue for the IT department. The threat cannot be ignored.

The business challenge

Effective cyber defence must be built upon a clear understanding of the aims and goals of the business so that results demonstrate benefits for the whole organisation. Too often we see a disconnect between an organisations business strategy and the security functions that are in place to support their operations. It appears that the wider business doesnt fully understand the possible security risks, or how these would impact critical services. Consequently this is simply omitted from its strategy. On top of this, organisations tend to manage risk against cyber attacks by using a wide range of security technologies and systems, which are often disparate and managed individually. This disjointed approach makes it difficult to prioritise investment in cyber defence and is the reason why so many cyber defence programmes fail to deliver on the intended benefits because they fail to demonstrate how effective cyber defence supports a businesses strategic objectives.

A recent report released by the Cabinet Office estimates that cyber crime costs the British economy some 27 billion a year.4

1 2 3 4

http://www.bbc.co.uk/news/business-13451990 http://www.bbc.co.uk/news/technology-13711528 http://www.bbc.co.uk/news/world-us-canada-13740591 The Cost of Cyber Crime, Detica Ltd and The Cabinet Office, February 2011

BT Global Services

Overview

We deliver: Alignment to business needs, priorities, response and recovery actions

S INES BUS EGY & T STRA ATIONS R OPE

We deliver: Real-time end to end visibility, business impact assessment & decision support

CDM

SE PRI TER ENT S EN GEM CDMMANA K RIS

CDM

S
CDM

SH

OL

CS ISTI

ECU

RIT

YV

IEW

The proactive problem management approach is one of the most powerful features of the service. It means we no longer have to waste time fire fighting because were always continuously learning.
Member, Information Systems and Services, DE&S, MOD

The benefits
ICT
The problem: Unmanageable amounts of events & data

AS NFR

CT TRU

RE

The problem: Poor coverage. Stove piped security islands

With CDMS you will have a comprehensive security view, support for decision-making and enterprise level risk management against the cyber threat by: improving the quality and timeliness of decision making because security is managed holistically and aligned to key business objectives. enabling you to see a complete picture and make the right decisions, quickly. You will have a common visibility of your network resources to ensure availability, service prioritisation, resource allocation, root cause, business impact and accurate situational awareness. anticipating problems so that you can react, recover and maintain key business operations with confidence. Take advantage of our unique insight into managing the cyber threat. We define solutions for organisations with some of the UKs most challenging and complex security environments. We have a trusted relationship with Government and work closely together to help maintain the security of the UK.

Cyber Defence Managed Service

The BT Cyber Defence Managed Service (CDMS) can help you address the cyber threat to your organisation. The CDMS solution: gives you a complete security view, decision support and enterprise level risk management against the cyber threat - all aligned to your business priorities is a real time managed service, which is built on integrated market leading tools that manage the cyber security risk within your organisation is accredited up to IL5 security classification works by discovering the true nature of the network and service infrastructure, analysing feeds from existing devices and asset information (with these devices supplemented to provide appropriate coverage where necessary) and analysing all cyber security relevant data against your predetermined security policy and business priorities has several key outputs including real-time reports and dashboards as well as recommendations from on site accredited BT security analysts so that prompt actions can be taken to minimise the impact of threats or risks.

Doing nothing could put you at risk talk to us today

contact your account manager or visit www.bt.com/defence for more information contact onedeskdefence@bt.com or 0800 783 9053 see how the service works for yourself; we can organise a demonstration at our Cyber Showcase complete our cyber checklist to help identify the most appropriate starting point for your CDMS engagement talk to us about a BT cyber defence Quick Start; a concise, service-led engagement that will kick start your cyber journey and help shape your business case for change.

Offices worldwide

The telecommunications services described in this publication are subject to availability and may be modified from time to time. Services and equipment are provided subject to British Telecommunications plcs respective standard conditions of contract. Nothing in this publication forms any part of any contract. British Telecommunications plc 2011. Registered office: 81 Newgate Street, London EC1A 7AJ Registered in England No: 1800000 6/3/2011

http://www.globalservices.bt.com

BT is supporting MOD to protect against the Cyber threat by delivering a capability that enables the user to deter, protect from, detect, react to, and recover from, a Computer Network Attack or Exploitation.

CYBER PRINCIPLE CONSULTANT

Purpose Of Role: The role holder will be responsible for UK/Global Delivery of BT Cyber Assurance Services delivered from BT Global Services within BT Defence and Security for BTs external customer base. This includes the delivery of world class professional services to provide technical consultancy and pre-sales within the Cyber domain; this includes the Cyber Defence Quickstart, Cyber Defence managed Services, Counterpane and the up sell and Cross sell off the BT Assure/Global services Portfolio. Leads multiple major client assignments and relationships and has a track record of successfully delivering large and complex business change programmes and projects across the BT Cyber Portfolio. Capable of acting as a trusted advisor at Board level within a customer organisation and of influencing the Cyber strategy for that customer. Acts as the key interface between the client and project/programme team for professional services and Consulting deliverables and opportunities. Manages a significant multidisciplinary team as part of a wider transformation project/programme, responsible for key Cyber transformation deliverables. Has a strong understanding of the clients strategy and knowledge of the client sector or other relevant sectors. Capable of being resourced easily onto Cyber pre-sales or client funded work in a leadership, business development or expert role. Role is client facing and will be to help the customer understand and shape their understanding of their current Cyber risk posture, to help evolve their defences and mitigate against an evolving Cyber threat landscape.

Key Responsibilities:

Acts as a source of resolution of unique or complex problems and negotiates strategic issues which affect the business internally and externally for our BT Cyber Assure customers Manage and lead Cyber professional services offerings including Forensics & APT analysis. Providing Forensic & Malware Analysis/Reverse Engineering particularly of cryptographic/obfuscated code Incidence handling, Forensic Analysis (handling compromised machines and knowledge of supporting customer HR/Ethical/Legal cases) Is capable of speaking at an internal or external conference or event on a specialist topic. Delivery of CHECK and CREST Penetration testing consultancy projects including excellent customer facing and report writing skills and managing the full project lifecycle. Taking the lead in executing Data Breach/IP Theft investigations and other computer forensics engagements for our clients within our BT Assure Cyber portfolio. Able to prepare white papers in within the Cyber, Forensics, malware, Penetration Testing skill domains and demonstrate thought leadership to our customers and external conferences. Has an extensive external network of senior stakeholders and contacts across the industry. Manages costs and profitability for large Cyber Consulting projects. Able to build business solutions to complex client problems within the Cyber domain Candidates will be dealing with a broad range of Enterprise customers in the MoD Defence and Government space as well as Banking, Financial and other more commercial sectors. Ideally the candidate will have a good awareness of HMG governance such as GPG 13, ISO 27001, BIP008 and also PCI DSS and understand Protective Monitoring and the various Impact Levels. Development of custom frameworks/toolsets from scratch that can be leveraged for Proactive & Defensive Security/Penetration Testing/War Gamming/Forensics; Programming/Scripting experience would examples include; java, C, C++, Pearl, Ajax, .NET, Assembler/shell scripting, VBScript, PHP etc. Able to articulate to our clients simply how multi-vectored and hybrid security threats are evolving.

Business Impact:

Operates at Board level (plc or public sector equivalent) and builds trusted strong, influential relationships at this level. Is recognised by the client and programme team as a sector or skill subject matter expert within Cyber Understands how own project/programme role and relationships impact on overall delivery of the project or programme. Is involved in the development of Cyber sector business plans.

Authority/Decision Making:

Works with Programme and Cyber Sales Director to develop and execute relationship management within our end clients environment in order to develop new CHECK/CREST consultancy work packages Quality checks the work of multiple teams for which they have responsibility. Identifies additional opportunities with the client, programme and sales team. In order to help up sell and cross sell the BT Assure and wider Global Services and BT Portfolio. Determines the scope and deliverables for Cyber Defence Quickstart/APT Cyber Audit & Penetration Testing and Forensic Analysis work packages.

Qualifications: At least graduate level with significant consulting, delivery or other relevant customer facing business experience within and outside BT, example desired qualifications: BSc/BEng HND/HNC in engineering, computer science, physics, information technology or related field Has relevant professional qualifications or accreditations in relation to their Cyber specialism Current CHECK Team Leader and/or CREST team Leader. CLAS Consultant / RMADS production UK National/Security Cleared (SC/DV) Wide knowledge of Information security/Information Assurance beyond Penetration Testing Experience working on projects around security initiatives like SOX, HIPAA, PCI, FISMA, ISO, COBIT, FFIEC, NERC, NIST, etc. Experience as a Security Architect on large scale multinational customer environments. Forensic & Malware Analysis/Reverse Engineering particularly of cryptographic/obfuscated code Incidence handling, Forensic Analysis (handling compromised machines and supporting HR/Ethical/Legal cases) Qualifications can include: SANS, GIAC, GGCIH/GCFA and/or CISSP,CISA or CISM; PRINCE2 Delivering CYBER threat & awareness/education briefings Development of custom frameworks/toolsets from scratch that can be leveraged for Offensive Security/Penetration Testing/War Gamming/Forensics; Programming/Scripting experience would include some of the following ; java, C, C++, Pearl, Ajax, .NET, Assembler/shell scripting, PHP etc.. Contribution to the development of specialist Cyber Lab; elements include Attack and Defence frameworks, Code Analysis/Reversing, Red/Blue team War gamming/Capture the flag environment. o Research into Evolving threats and new emerging Attack Vectors keeping our services leading edge. Strong program management and customer relationship management skills Manage and lead Cyber professional services offerings including Forensics & APT analysis and o lead in executing Data Breach/IP Theft investigations

Previous working experience in managing commercial forensics functions; with an emphasis on electronic attack and incident response. Experience off: EnCase v6, Access Data FTK; Network forensic tools (eg, wireshark, netwitness, silent runner);.nix based operating systems; Shell Scripting Complex evidential preservation (eg email Servers, network traffic, database systems). Experience of DDOS implementation, Firewall & Log Analysis, IPS and IDS, Security Information Event Management (SIEM) technology (IDS/IPS, Checkpoint, Juniper, Cisco ASA) and generic IT Security tools). Good all round knowledge for post installation associated in troubleshooting and monitoring Candidates will be dealing with a broad range of Enterprise customers in the MoD Defence and Government space as well as Banking, Financial and other more commercial sectors. Ideally the candidate will have a good awareness of HMG governance such as GPG 13, ISO 27001, BIP008 and also PCI DSS and understand Protective Monitoring and the various Impact Levels.

Skills/Experience:

Has been instrumental in significant sales wins and in developing key Board level relationships. Has in-depth knowledge of several skill or sector domains within the field of Cyber Security Authority on within some or all of the following fields Malware Analysis, Forensics, Incidence Response, Enterprise Penetration testing, War Gamming, Proactive & Defensive Cyber Security with the ability to help develop BTs Consulting Approach within the Cyber domain. And a clear track record in applying this previously across several transformational programmes or projects. Able to apply help shape BTs Cyber transformation, change management and benefits management approach in a client environment. Has an extensive and proven track record of client facing consultancy experience and complex delivery within Defence and Security, Banking and Finance and commercial organisations Excellent client relationship skills and interfaces with clients at Board level. Can evidence a range of successful client assignments and relationships based on client feedback. Uses their network to benefit BTs position within new or existing clients and to support recruitment. Has demonstrated leadership, industry specialism, deep consulting or other market critical skills and a track record of business development. Understands relevant future business trends within and beyond their area of Cyber Security specialism and can articulate this to clients. Is recognised for having delivered significant pieces of work to time, budget and quality. Has a broad business and commercial background, preferably external to BT, and a strong understanding of how organisations operate from across a range of sectors. Works well in project/programme environment. Strong analytical, oral, written and interpersonal skill in the delivery of Forensic, Penetration Testing & malware analysis Mobile where required.

CYBER MANAGING CONSULTANT

Purpose Of Role: The role holder will be responsible for UK/Global Delivery of BT Cyber Assurance Services delivered from BT Global Services within BT Defence and Security for BTs external customer base. This includes the delivery of world class professional services to provide technical consultancy and pre-sales within the Cyber domain; this includes the Cyber Defence Quickstart, Cyber Defence managed Services, Counterpane and the up sell and Cross sell off the BT Assure/Global services Portfolio. Leads all but the largest projects and client consulting relationships. Acts as the key interface between the client and project/programme team for consulting deliverables and opportunities across the BT Cyber Portfolio. Manages a significant team as part of a wider transformation project/programme. Has a strong understanding of the clients Cyber strategy and knowledge of the client sector or other relevant sectors. Works closely with the clients on client site. Capable of being resourced easily onto pre-sales or client funded work in a leadership or expert role. Role is client facing and will be to help the customer understand and shape their understanding of their current Cyber risk posture, to help evolve their defences and mitigate against an evolving Cyber threat landscape.

Key Responsibilities:

Applies knowledge and skills through handling complex problems and coordinating activities & resources which may extend beyond own area of expertise for our BT Cyber Assure customers. Deliver Cyber professional services offerings including Penetration Testing/Ethical Hacking and working as part of a larger team in the delivery of Network Forensics & APT analysis. Knowledge of Forensic & Malware Analysis/Reverse Engineering particularly of cryptographic/obfuscated code Incidence handling, Forensic Analysis (handling compromised machines and knowledge of supporting customer HR/Ethical/Legal cases) Delivery as part of a wider team of CHECK and CREST Penetration testing consultancy projects including excellent customer facing and report writing skills and managing the full project lifecycle. Development of Cyber test plans and procedures to help clients understand there current Cyber Posture Acts independently in complex environments with the ability to build business solutions to help resolve complex client problems within the Cyber domain Candidates will be dealing with a broad range of Enterprise customers in the MoD Defence and Government space as well as Banking, Financial and other more commercial sectors. Ideally the candidate will have a good awareness of HMG governance such as GPG 13, ISO 27001, BIP008 and also PCI DSS and understand Protective Monitoring and the various Impact Levels. Vulnerability Analysis, Network mapping, Risk modelling, Firewall/IDS Log Analysis Knowledge of custom frameworks/toolsets that can be leveraged for Proactive & Defensive Security/Penetration Testing/War Gamming/Forensics; Programming/Scripting experience would examples include; java, C, C++, Pearl, Ajax, .NET, Assembler/shell scripting, VBScript, PHP etc. Uses knowledge to focus work and drive improvements, contribution to customer sales meetings Contributes to the development of specialist Cyber offerings and new tools and methods. Able to prepare white papers within the Cyber, Penetration Testing, Research & Development in new tools and techniques and demonstrate thought leadership. Participates in the training and development of less experienced people within the team, and monitors the Quality of delivery. Is capable of speaking at an internal or external conference or event on a specialist topic.

10

Business Impact:

Is recognised by the client and programme team as a sector or skill subject matter expert. Builds strong relationships at the most senior levels within client organisations. Understands how own project/programme role impacts on overall delivery of the project or programme. Works closely with the client and leads and influences client thinking around there current Cyber risk posture and assist in the formulation of proactive Cyber Strategy.

Authority/Decision Making:

Manages relationship with the client in relation to own CHECK/CREST project modules. Quality checks the work of own team, undertakes peer reviews as appropriate. Determines what information to present to the client for own project modules. Identifies additional Cyber opportunities with the client, programme and sales team. Determines the scope and deliverables for Cyber Defence Quickstart/APT Cyber Audit & Penetration Testing and Forensic Analysis work packages.

Qualifications: At least graduate level with significant consulting, delivery or other relevant customer facing business experience within and outside BT, example desired qualifications: BSc/BEng/HND/HNC in engineering, computer science, physics, information technology or related field Has relevant professional qualifications or accreditations in relation to their Cyber specialism Current CHECK Team Member Current CREST Registered Tester CLAS Consultant / RMADS production UK National/Security Cleared (SC/DV) Wide knowledge of Information security/Information Assurance beyond Penetration Testing Experience working on projects around security initiatives like SOX, HIPAA, PCI, FISMA, ISO, COBIT, FFIEC, NERC, NIST, etc. Qualifications can include: SANS, GIAC, GGCIH/GCFA and/or CISSP,CISA or CISM; PRINCE2 Offensive Security Certified Professional/ with significant penetration testing experience Contribute to CYBER threat & awareness/education briefings Strong program management and customer relationship management skills Any previous working experience in managing commercial forensics functions; with an emphasis on electronic attack and incident response. Experience off: EnCase v6, Access Data FTK; Network forensic tools (eg, wireshark, netwitness, silent runner);.nix based operating systems; Shell Scripting Complex evidential preservation (eg email Servers, network traffic, database systems). Experience of DDOS implementation, Firewall & Log Analysis, IPS and IDS, Security Information Event Management (SIEM) technology (IDS/IPS, Checkpoint, Juniper, Cisco ASA) and generic IT Security tools). Good all round knowledge for post installation associated in troubleshooting and monitoring Development of custom frameworks/toolsets from scratch that can be leveraged for Proactive & Defensive Security/Penetration Testing/War Gamming/Forensics; Programming/Scripting experience would examples include; java, C, C++, Pearl, Ajax, .NET, Assembler/shell scripting, VBScript, PHP etc.

11

Skills/Experience:

Excellent client relationship skills and interfaces with clients at Board level. Can evidence a range of successful client assignments and relationships based on client feedback. Can use their network to benefit BTs position within new or existing clients and to support recruitment. Has demonstrated leadership, industry specialism, deep consulting or other market critical skills and a track record of business development. Is recognised for having delivered significant pieces of work to time, budget and quality. Capable of achieving the confidence of clients and representatives of BTs Cyber sales and delivery community. Has demonstrated team leading capability on consulting deliverables as part of a previous employment with a CHECK/CREST UK service provider. Has very significant client facing consultancy experience across a range of complex programmes. Has a broad business background, preferably external to BT, and a strong understanding of how organisations operate from across a range of sectors, including Government & Defence, HMG, Financial Markets, Consumer and Packaged goods. Has full understanding of CHECK/CREST Consulting Approach and a track record in applying this across several programmes or projects. Able to help shape BTs Cyber transformation, change management and benefits management approach in a client environment. Has good all round consulting capability and can demonstrate evidence of skill or sector specialism and deep skill or sector knowledge. Has broad commercial knowledge, particularly with Respect to the delivery of Complex Penetration testing and vulnerability scanning engagements. Understands future trends in their area of specialism and can articulate this to clients. Works well in project/programme environment, excellent team player. Strong analytical, oral, written and interpersonal skills. Mobile where required.

12

Senior Consultant
BTs newly formed Cyber Defence Services (CDS) team sits within the Defence and Security area of BT Global Services. Our remit is to develop and deliver a range of advanced cyber defence managed services; principally aimed at BTs global enterprise customers. We utilise a Business led engagement methodology to drive the application of world leading Cyber Defence technologies, capabilities and overarching security services within a far reaching customer base. Purpose Of Role: Acts independently to work with BTs clients to direct delivery of large and complex project modules within the Cyber Defence Services team and will lead smaller projects, including management of a project team as part of a wider transformation project/programme. Has a strong understanding of the clients strategy and knowledge of the client sector or other relevant sectors. Works closely with the client on client site. Capable of being resourced easily onto pre-sales or client funded work. Role is client facing. Key Responsibilities: Works with the customer to identify business change issues and has proven customer impact in generating engagement in transformation design, business issue resolution and transformation implementation. Engages the client in hypotheses around client issues. Prepares and delivers client presentations. Runs client meetings and workshops in support of own project modules. Builds strong client relationships. Has a role in project resourcing and management. Manages joint BT and client teams and coaches their performance. Creates client-facing opportunities. Responsible for the quality of delivery within own project module. Is capable of speaking at an internal or external conference or event on a specialist topic.

Business Impact: Is recognised by the client and programme/project team as authoritative in own subject/project area. Understands how own project/programme role impacts on overall delivery of the project or programme. Works closely with the client and leads and influences client thinking.

Authority/Decision Making: Manages relationship with the client in relation to own project modules. Quality checks the work of own team. Determines what information to present to the client for own project module. Identifies additional opportunities with the client, programme and sales team.

Qualifications: At least graduate level with a range of consulting, delivery or other relevant customer facing business experience within and outside BT. Has relevant professional qualifications or accreditations.

13

Skills/Experience: Is recognised for having delivered significant pieces of work to time, budget and quality on a variety of assignments for a number of different clients. Capable of achieving the confidence of clients and representatives of BTs sales and delivery community. Has demonstrated team leading capability on consulting deliverables. Has significant consultancy experience. Has a broad business background, preferably external to BT, and a strong understanding of how organisations operate from across a range of sectors. Has full understanding of BTs Consulting Approach and a track record in applying this across several programmes or projects. Able to apply BTs transformation, change management and benefits management approach in a client environment. Can evidence a range of successful client assignments based on client feedback. Has good all round consulting capability and can demonstrate evidence of expert knowledge in a specialist area (sector or skill domain), broad commercial knowledge and a track record of developing client relationships at a senior level. Understands future trends in their area of specialism and can articulate this to clients. Works well in project/programme environment. Strong analytical, oral, written and interpersonal skills. Highly mobile.

14

Cyber Defence Senior deal Architect

BTs newly formed Cyber Defence Services (CDS) team sits within the Defence and Security area of BT Global Services. Our remit is to develop and deliver a range of advanced cyber defence managed services; principally aimed at BTs global enterprise customers. We utilise a Business led engagement methodology to drive the application of world leading Cyber Defence technologies, capabilities and overarching security services within a far reaching customer base. Purpose Of Role: The role holder works in conjunction with the Account Director to pursue, negotiate and win innovative, technologically advanced and commercially compelling Cyber Defence Services deals. This requires the qualification and subsequent development of business opportunities in direct consultation with the customer, and the establishment and maintenance of close working relationships with the account team who act as the direct channel to market. Once the opportunity has been developed sufficiently to enter into a bid cycle, the role holder will lead the bid team and will be responsible for architecting the commercial proposition and, through leadership of the wider bid team, the service proposition which may include networks, products, systems, service, business processes and people. The proposition will be articulated as closely as possible to the clients language and terminology, and developed with commercial integrity and delivery credentials. Finally, he/she will work with all relevant groups to develop the final contract in readiness for hand-over to the Contract/Business Management team. The post holder may also manage a team of senior/deal architects or predominately a team of senior/deal architects supporting them in qualification and day-to-day management in addition to operating as a deal architect in their own right. Key Responsibilities: To provide expertise and leadership on the significant CDS bids in terms of value, strategic importance and complexity. To research, develop and pursue a detailed CDS development plan. To shape and develop specific CDS business opportunities, close deals, negotiate contracts terms and prices. Supporting innovation and sales Working with BT suppliers account mapping/management Development of portfolio skills and knowledge within the broader team Commands an appropriate level of credibility and authority, perceived as an expert in his/her field.

15

Cyber Defence Services - Cyber Analyst

BTs newly formed Cyber Defence Services (CDS) team sits within the Defence and Security area of BT Global Services. Our remit is to develop and deliver a range of advanced cyber defence managed services; principally aimed at BTs global enterprise customers. We utilise a Business led engagement methodology to drive the application of world leading Cyber Defence technologies, capabilities and overarching security services within a far reaching customer base. Key purpose of the role Working in a Customer or BT operational centre providing a proactive and reactive operational service to manage the security and cyber risk to an organisation. Monitoring client security infrastructure via correlation tool; Recommending solutions for the resolution of security issues; Gathering intelligence from external sources e.g. the Internet; Interfacing with client IT & Security personnel; Producing security reports based upon security event information; Maintaining an up to date knowledge of IT based threats and Vulnerabilities; Identifying and reporting real time attacks and vulnerabilities on the client network; Identification of incidents and subsequent analysis to determine their severity and the response required; Assisting with external investigations as required Assisting with product implementation and management Key Responsibilities Support in life service Security and Network solutions Deliver in life customer projects for Security and Network solutions Troubleshoot customer problems within Security and network domain To undertake problem analysis e.g. root cause, repeat faults, trends to identify opportunities for improvement and initiate investigation and/or corrective action, where appropriate. Review, advise and implement firewall changes in line with BT & Customer security policies and change control processes Offer proactive advice on implemented services To meet or exceed bespoke/customer-specific SLA's, contractual commitments and internal BT GS performance measurements. This includes the day-to-day operational management of BT internal and third party suppliers To accurately log, update and close event management tickets in a quality and timely manner as per the documented processes and take the required corrective action where quality issues are identified. To ensure that all agreed communication, notification and escalation processes (internal/external) are delivered e.g. customer updates. Undertake regular capacity management and security breach reports in line with agreed customer requirements. Key Working Relationships External: External customer base Vendors (Firewall, Proxy, IDP/IPS, DPI, SIEM, LAN, WAN) BT Internal organisations: BTO, BTGS, BTI&D

16

Professional / Technical Competencies TCP/IP Windows Networking environments Network Protocols IDS Monitoring Malware and other related IT threats Good written and verbal communication skills Good customer service skills The ability to analyse information and make decisions The desire to learn The ability to work in a team Desirable qualifications Security related qualification such as CISSP/ISSP; GIAC Certified Intrusion Analyst (GCIA) Degree or equivalent in Computer Science or IT Security. CCNA MSCE Sun Solaris Support and deployment Version 8 to 10

Other Requirements Candidates must be eligible to live and work in the UK Candidates must hold, or be able to attain, UK government security clearance to SC Shift working may be required

17

Cyber Defence Business Analyst / Senior Consultant

BTs newly formed Cyber Defence Services (CDS) team sits within the Defence and Security area of BT Global Services. Our remit is to develop and deliver a range of advanced cyber defence managed services; principally aimed at BTs global enterprise customers. We utilise a Business led engagement methodology to drive the application of world leading Cyber Defence technologies, capabilities and overarching security services within a far reaching customer base. Overview of Role Provide specialist Business Analyst / consultancy support to Cyber Defence Services (CDS) opportunities across a range of Global Services customers. Work with existing account teams to introduce them and their clients to CDS and our Cyber Defence Managed Service (CDMS) benefits, features and capabilities and deployment approach. Lead business engagement with CDS customers aimed at deriving business priorities and defining the deployment and service approach for CDS capabilities. Minimise the risk and cost of change associated with CDS capability deployment, management and support Create business driven processes that align BTs CDS deliveries with a customer organisations goals and strategic objectives Provide costed Business Solutions/Proposals in conjunction with CDS solutions architects, third party suppliers, project, product, service and commercial managers; ability to present these in detail to customers. Drive sales and growth for BTs Cyber Security initiative, through the provision of clear business benefits and the articulation of BTs approach to Cytber Security and how it aligns to target organisations.

Key Responsibilities Play a key role in the qualification and development of CDS sales opportunities; including working on CDS proposals/bids in the area of Business Change Be knowlegable (with training to support this) in our CDMS capability, our CDS quickstart engagements and have a sound understanding of BTs security portfolio. Fulfil a leading role in the capture and specification of customer drivers, environments and requirements - applying understanding of key CDS capabilities and Managed Services Work with a range of customers to identify, investigate and resolve business wide and complex problems preventing the business achieving its strategic aims and goals through gathering the necessary information, formulating and verifying hypotheses, determining the root cause(s) and recommending corrective action to enable effective Cyber security. Produce feasibility reports, produced in conjunction with solutions architects, programme managers and commercial managers presented to customer management. Assess and promote required business benefits to staff at all levels of a portfolio, programme, project or business area to ensure that there is a logical approach to complex situations that keeps a focus on business objectives, business cases and intended benefits. Able to work with senior stakeholders to ensure that maximum benefits are achieved for the business as multiple inter-related projects/activities achieve their deliverables. Maintain the business cases for funding and confirm continuing business viability at regular intervals. Communicate the CDS / CDMS message, principles and concepts to a wide audience from IT / IT security teams up to and including CIO level Identify potential influences, including customer organisation and supplier relationships

18

Work closely with the CMDS capability team to maintain expertise and feedback client requirements and drivers to support development work / roadmap

Skills and Experience: Experienced in working on and ideally leading complex IT and or IT change programmes / projects Experienced in engaging multiple customers across a range of sectors Experienced in engaging with BT account teams at all levels

Competencies include: Strong relationship building and team working skills Tactful, diplomatic, persuasive, politically astute, sensitivity Passionate about client satisfaction, service and delivery Strategically astute, able to see the bigger picture Good analytical skills, logical, structured process aware whilst creative, imaginative and challenging Intuitive, creative and capable of conveying requirements, using business language Excellent negotiation and communication skills, written, verbal and presentational

Additional Criteria: Experience of IT and Network security mechanisms and capabilities Awareness of IT security systems Experience of working in / with a sales team Awareness of security standards and policy Experience in representing BT at all levels within customer organisations Experience of managing client engagements Comfortable working in a lead, customer facing role

Qualifications Relevant Business Analyst / Senior Consultant BT qualifications minimum. ITIL Location: Swindon North Star House Work from home?: Occasional Travel: Yes Out of hours work required: No, not normally Security Clearance level required: SC minimum

19

Solution Architect
BTs newly formed Cyber Defence Services (CDS) team sits within the Defence and Security area of BT Global Services. Our remit is to develop and deliver a range of advanced cyber defence managed services; principally aimed at BTs global enterprise customers. We utilise a Business led engagement methodology to drive the application of world leading Cyber Defence technologies, capabilities and overarching security services within a far reaching customer base. Overview of Role:

Play a key role in the creation and development of solutions for CDS proposals/bids Fulfil a leading role in the capture and specification of As-Is customer environments and Target architectures applying understanding of key CDS capabilities and Managed Services Must be familiar with Managed Services and ITIL Model and communicate the overall solution architecture for CDS proposals/bids using appropriate methodologies/notations (e.g. MODAF and UML) Capture, consolidate and manage requirements using Stories, Use Cases and requirements statements as appropriate Flow-down top-level requirements into detailed derived requirements specifying the responsibilities of key solution components, work packages and/or third-party supplier contracts Identify and specify key interfaces with third-party products/suppliers and oversee the implementation of these interfaces Assist the service design lead in determining and specifying the SLAs and KPIs taking into account the availability/performance of the ICT solution architecture Provide definitive advice regarding the scope/obligations/dependencies documented within the agreed requirements Work jointly with the development team lead and project management to cost and plan delivery of CDS solutions Provide the key technical input supporting the Service Design Must be SC Cleared Role is based in Swindon. Limited remote working.

The successful candidate will have proved their delivery capability in a large scale, client facing, complex corporate environment. They will ideally be tough, focused and passionate about customers and delivery. Core competencies include: A motivational leader with strong relationship building and team working skills Tactful, diplomatic, persuasive, politically astute, sensitivity Passionate about client satisfaction, service and delivery Strategically astute, able to see the bigger picture Good analytical skills, logical, structured process aware whilst creative, imaginative and challenging Clear record of achievement, overcome difficult challenges, having made tough decisions and successfully implemented or managed implementation Intuitive, creative and capable of conveying requirements Excellent negotiation and communication skills, written, verbal and presentational ADITIONAL CRITERIA Experience of IT and Network security mechanisms and capabilities Awareness of enhanced security monitoring systems Strong background in software engineering and systems integration in a complex multi supplier environment Awareness of security standards and policy Experience in development or delivery of managed service and a strong understanding of ITIL.

20