Technical Specialist, Analyst Information Security
Mumbai, India
NTT DATA
NTT DATA helps clients transform through consulting, industry solutions, business process services, IT modernization and managed services.Want to be a part of our team?
The role of the Security Platform Engineer forms part of the Global Cybersecurity Incident Response Team (CSIRT) team, and is responsible for facilitating problem resolution and mentoring for the overall team. This includes operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning). This role is responsible for detecting and monitoring escalated threats and suspicious activity affecting NTT Ltd.'s technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).Working at NTT
Key Roles and Responsibilities:
- Work as part of a global CSIRT team that works 24/7 on rotational shifts.
- Work as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings
- Administration of the NTT Data Inc security tools to gather security logs from environment
- Life cycle management of the supported security tools/technologies, Break-fix, Patching, Live update
- Adhering to SOPs and notify stake holders on log flow/log format issues
- Document best practices
- Identify opportunities to make automations which will help the incident response team.
- This role involves security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure.
- Carry out agreed maintenance tasks
- Ensures usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required
- Perform defined tasks to monitor service delivery against service level agreements and maintains records of relevant information
- Investigate causes of incidents and seeks resolution
- Escalate unresolved incidents and follow up until incident is resolved
- Provide service recovery, following resolution of incidents
- Document and close resolved incidents according to agreed procedures
- Investigate and identifies root cause of incidents and assist with the implementation of agreed remedies and preventative measures
- Maintain knowledge of specific specialisms, provides detailed advice regarding their application
- Ensure efficient and comprehensive resolution of incidents, including ensuring that repairs are carried out by coordinating product requests, working with other team members
- Log all such incidents in a timely manner with the required level of detail with all the necessary
- Cooperate with all stakeholders including client IT environments, vendors, carriers and NTT colleagues to expedite diagnosis of errors and problems and to identify a resolution
Knowledge, Skills and Attributes:
- Seasoned, experienced professional; has complete knowledge and understanding of area of specialisation
- Uses evaluation, judgment, and interpretation to select right course of action
- Working knowledge on implementation and monitoring of any SIEM or security tools/technologies.
- Knowledge on security architecture, worked across different security technologies.
- Customer service orientated and pro-active thinking
- Problem solver who is highly driven and self-organised
- Great attention to detail
- Good analytical and logical thinking
- Excellent spoken and written communication skills
- Team player with the ability to work well with others and in group with colleagues and stakeholders
Academic Qualifications and Certifications:
- Degree or relevant qualification in IT/Computing
- Relevant level of Networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc.
- Relevant level of Security certifications such as AZ-500, SC-200, Security+, CEH, CASP etc. will be added advantage
Required Experience:
- Seasoned experience in Security technologies like (Firewall, IPS, IDS, Proxy etc.)
- Seasoned experience in technical support to clients
- Seasoned experience in diagnosis and troubleshooting
- Seasoned experience providing remote support in Security Technologies
- Seasoned experience in SOC/CSIRT Operations
- Seasoned experience in handling security incidents end to end
- Knowledge on networking, Linux and security concepts
- Seasoned experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, HoneyPots and other security tools
- Knowledge on log collection mechanism such as Syslog, Log file, DB API
- Knowledge in security architecture
- Seasoned experience in Security engineering
Skills Summary
Ability to Work Under Pressure, Critical Thinking, Customer Service, Cybersecurity, Logical Thinking, Problem Solving, Scripting, Teamwork, Troubleshooting, Written CommunicationWhat will make you a good fit for the role?
Workplace type:
On-site WorkingEqual Opportunity Employer
NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs CASP+ CEH CSIRT EDR Firewalls Forensics Honeypots IDS Incident response IPS Linux Malware Monitoring Scripting SIEM SOAR SOC Windows
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Architect jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Penetration Tester jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open Forensics-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open CEH-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs