Security Analyst - SIEM

GBR, Home Office

Applications have closed

NTT DATA

NTT DATA helps clients transform through consulting, industry solutions, business process services, IT modernization and managed services.


Want to be a part of our team?

We have an opportunity to join our Advanced Security Operations Consulting Team as a Security Analyst working on Customer SIEM solutions.
As a Security Analyst working as part of a dedicated team, you will be responsible for helping to deliver a fully Managed Security Service to our key clients and for ensuring the client is kept secure by providing comprehensive insight into the client’s exposure to threats.
Although the role is for a Security Analyst, both vendor-aligned and on-the-job training will be provided to help you advance to a Senior Security Analyst level.

The role will be home based, but some travel will be required to attend customer sites and NTT offices in Theale, Fleet or London on a regular basis.

Working at NTT

Key Roles and Responsibilities:

As the Security Analyst, you will be accountable for the following activities:

  • Use the security information and event management (SIEM) platform (LogRhythm) to monitor the client’s network and endpoints for security alerts and investigate incidents.
  • Provide first tier responder analysis and investigation of incidents and security alerts from the SIEM platform or where escalated by team members.
  • Drive containment strategy during incident, data loss or breach events.
  • Assist in the design and implementation of use cases for SIEM detection capabilities.
  • Maintain good working order of SIEM (daily health checks, resolve issues and any proactive activities)
  • Use of applications and systems, such as firewalls, IDS, NAC and data encryption programs, to protect sensitive information and carry out further investigations.
  • Support the SecOps Team and customer via direct dialogue with specialist areas/individuals that support security control operations.
  • Assist in the preparation of reports that document security incidents and the extent of the damage caused by the incident.
  • Support the Senior Security Analysts in proactively engaging with and providing guidance to client teams around threats, vulnerabilities and security changes.
  • Research the latest information security trends and incorporate the knowledge to build a strong understanding of the possible impact on the client’s environment.
  • Be part of an incident response team that is on-call out of office hours (fortnightly basis)
  • Create reports relevant to function such as end of day summaries, handover report, management intelligence, threat and risk analysis.
  • Liaise with third parties and vendors when required to troubleshoot SIEM platform issues.
  • Ensure all deliverables are actioned as stipulated in the agreed KPIs & SLA.
  • Take direction from the lead analyst on the account(s); you may also be required to help on other services.

Knowledge, Skills and Attributes:

  • Knowledge and understanding of IT industry environment and business needs
  • Strong understanding of information technology and information security
  • Solid understanding of security risks and preventative controls
  • Strong understanding of firewalls, IDS, NAC, McAfee ePO and HIPS would be advantageous.
  • Excellent understanding of security operational processes and controls
  • Understanding of Cyber kill chain, Malware toolkits, Attack surface and Attack vectors.
  • Understanding of processes required to carry out malware analysis and malware reverse engineering.
  • Good communication skills with the ability to engage with a variety of different stakeholders at varying operational levels.
  • Ability to work successfully, both individually and as part of a Team
  • Ability to follow and enhance established processes
  • Industry recognized accreditation or Higher Education Qualification – e.g. Cyber Security related degree, Network+ Sec+, ITIL or equivalent demonstrable experience.
  • Experience of working in environments subject to compliance requirements such as PCI DSS, FSA (UK), and ISO27001.
  • Applicants must be UK based and have the ability to pass a 3 Year Security background check.

Required Experience:

  • Proven 2 years' experience in a similar role, ideally within the Managed Security Service industry.
  • Experience of providing a Managed Security Service or working within a Threat / Risk Management environment, ideally working with SIEM Platforms
  • Experience in monitoring security events, analyzing alerts, and managing security incidents is important. This includes understanding different types of security alerts, prioritizing them based on risk, investigating suspicious activities, and escalating incidents as necessary.
  • Knowledge or experience of Threat Detection and Hunting methodologies
  • Experience in supporting Incident & Change Management and handling processes
  • Applicants must be UK based and have the ability to pass a 3 Year Security background check.
  • Please be aware that NTT requires positive references for the last 5 years in order to be eligible for this role.

Skills Summary

What will make you a good fit for the role?

Remote Type:

Remote Working

Equal Opportunity Employer

NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category.

Category: Analyst Jobs

Tags: Compliance Cyber Kill Chain Encryption Firewalls IDS Incident response ISO 27001 ITIL KPIs LogRhythm Malware Monitoring PCI DSS Reverse engineering Risk analysis Risk management SecOps SIEM Strategy Threat detection Vulnerabilities

Perks/benefits: Team events

Region: Europe
Country: United Kingdom
