Information Security Analyst at NTT Ltd.

Job Summary:

Develops and executes security controls, defences and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems. Maintains hardware, software and network firewalls and encryption protocols. Administers cybersecurity policies to control physical and virtual access to systems. Performs network security audits and testing and evaluates system security configurations to ensure efficacy and compliance with policies and procedures. Conducts penetration testing and vulnerability assessments of applications, operating systems and/or networks. Responds to cybersecurity breaches, identifies intrusions and isolates, blocks and removes unauthorized access. Researches and evaluates cybersecurity threats and performs root cause analysis. Assists in the creation and implementation of security solutions. Provides information to management regarding impact on the business caused by theft, destruction, alteration or denial of access to information and systems.

Working at NTT

The Information Security Analyst will be responsible for the planning, implementation and execution of daily/weekly/monthly security tasks that ensures that the clients are compliant with the required standards by providing analysis, administration, and advisory input. The focus will be on the maintenance of compliance, security, and risk functions in correspondence with all service offerings. This will ensure the appropriate identification, protection, response, and recovery of information security threats across all service lines.

The role will require the Information Security Analyst to work closely with clients displaying good client engagement skills with a high level of professionalism. Certification, both in vendor, technology and product is required at a mid to specialised level with continual progress towards an expert level.

PO 1: Risk Management             

•  Complies to all mandated policies, laws and audit requirements
•  Managed environment is safe and secure – Security patch management

PO 2: Operational Excellence    

•  Operates an environment that is reliable and stable
•  Incident Management
•  Service Request Management
•  Capacity Management
•  Availability Management
•  Continuity Management
•  Life Cycle Management

PO 3: Continual Improvements

•  Operate an environment that is efficient, optimized and standardized.

PO 4: Project    

•  Projects are delivered on time, within budget and meets or exceeds customer quality expectations.

Qualifications, Knowledge, and Experience

•  Bachelor’s degree in information system (3+ Years)
•  ITL v3 (2+ Years)
•  SOC/SIEM (3+ years)     
•  Vulnerability Management (3+ years)    
•  Azure Security MAZ500 (3+ years)          
•  Cisco Meraki (1-2 years)
•  Checkpoint CCSA (4+ years)       

Behavioural Competencies/Technical Competencies

Essential

•   Passion for all things security
•   Ability to operate independently as well as in a team environment
•   Excellent communication skills – verbal and written
•   Excellent documentation skills
•   Strong client focus
•   Strong planning and organisational skills
•   Perform well under pressure
•   ITIL v3
•   Have a proactive approach     Essential
•   Security Protocols
•   Security information monitoring solutions
•   Firewalls inclusive of DMZ and IPS
•   Content Filtering
•   End point protection
•   VPN
•   SIEM/SOC
•   Splunk
•   Vulnerability Management
•   EDR
•   DDoS
•   PKI
•   Identity and access management
•   Data Security Concepts and principles
•   Azure Security

Desirable

•   Service management solutions
•   Be coachable
•   Able to manage time effectively and set priorities appropriately
•   Able to maintain professional demeanour under stress
•   Able to operate within customer standard operating procedures
•   Strong listening skills Desirable
•   Sound knowledge of system monitoring platforms
•   Data Access Governance
•   PCI
•   Familiar with on prem and cloud security concepts
•   Knowledge disaster recovery
•   Security awareness programmes
•   Threat hunting concepts and technologies
•   SOAR knowledge/experience
•   DLP
•   SASE knowledge/experience
•   SWG knowledge/experience

Special Requirements

•   3+ Years work experience in a security environment
•   2-5+ years in a similar role within an ICT organisation provision managed services
•   Experienced in writing technical documentation and experience in co-ordination with TAC