This list contains only the countries for which job offers have been published in the selected language (e.g., in the French version, only job offers written in French are displayed, and in the English version, only those in English).
The Senior Associate Managed Services Information Security Analyst is a developing subject matter expert, required to monitor, analyze, interpret and report on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling the organization to deliver the contracted security services. This role includes performing tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients.
Job Responsibility
Work as part of a global Cyber Defense Centre (CDC) team that works 24/7 on rotational shifts
Work with client stakeholders and Information Security Manager (ISM) to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting
Monitoring of the security tools to review and analyze security logs from client environments
Generate continuous improvement ideas for supported security tools/technologies, to enable improvements to the company services, employee experience and client experience
Adhere to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards
Utilise and document best practices and amend existing documentation as required
Security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics
Utilizes a broad range of skills in LAN technologies, Windows and Linux O/S's, and general security infrastructure
Ensure usage of knowledge articles in incident diagnosis and resolution and identify when updates are required
Perform defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information
Undertake limited range of threat hunting activities across both individual client estates, as well as cross client hunting
Manage unresolved incidents and follow up until incidents are resolved
Apply critical thinking to your role to ensure the best outcomes for the client and NTT within the boundaries of the service and SOPs
Remain curious and objective to provide high quality services to the clients, beyond tools native capabilities
Cooperate closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client
Performs any other related task as required
Requirements
Developing knowledge on implementation and monitoring of a company supported SIEM or security tools/technologies/concepts
Developing knowledge on security architecture, worked across different security technologies
Developing knowledge and understanding of the operation of modern computer systems and networks and how they can be compromised
Displays excellent customer service orientation and pro-active thinking
Displays problem solving abilities and is highly driven and self-organized
Excellent attention to detail
Displays analytical and logical thinking
Well spoken and written communication abilities
Ability to remain calm in pressurized situations
Ability to keep current on emerging trends and new technologies in area of specialization
Bachelor's degree or relevant qualification in Information Technology or Computing or a related field
Moderate level of experience in SOC Analysis Operations
Moderate level of experience in SIEM usage for investigations
Moderate level of experience in Security technologies such as (but not limited to) Firewall, IPS, IDS, Proxy
Moderate level of experience in dealing with technical support to clients
Moderate level of experience in handling security incidents end to end
Moderate level of experience in configuring/managing security controls, such as SIEM, Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, Honeypots and other security tools
Moderate level of experience in Security Analysis or Engineering preferably gained within a global services organization
Nice to have
Security certifications such as (but not limited to) AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar
Certification in different networking technologies such as CCNA, JNCIA, ACCA, PCNSA, CCSA is advantageous