Junior information Security Analyst at NTT Ltd.

Want to be a part of our team?

• The purpose of the role is the auditing and remediation of security governance which includes cybersecurity analysis, incident detection/response, and the implementation of best-practice IT Security processes, threat assessment, cyber intelligence, secure software configurations, and vulnerability assessments/mitigations.

Working at NTT

Vulnerability Management

• Analyses and validates vulnerabilities then plan remediation activities
• Schedules and performs regular vulnerability scanning activities in the corporate network
• Reviews security vulnerabilities to identify risks to computing assets
• Provides technical vulnerability analysis and remediation options
• Reduces vulnerability by improving remediation and patch management process
• Ensures familiarity with Qualys and Nessus vulnerability scanner
• Reports and presents findings to a non-technical audience
• Assisting with the development and updating of cybersecurity-centric policies and procedures
• Assists with establishing network device implementation best practices, while providing guidance to others. 

Risk Management

• Information Security and related risk assessments, as well as remediation plan development
• Identifying, raising and managing security risks through the appropriate risk life cycle
• Proactive risk management and engagement with business partners

Information Security Governance, Compliance and Audits

• Lead discussions with internal stakeholders to ensure remediation efforts adhere to Company standards
• Assists with PCI and ISO compliance reviews, as needed.
• Conducts periodic user access reviews in conjunction with department heads
• Assist in updating existing Information Security Policies and Procedures.
• Reviews network security audit logs (e.g., firewall, IDS, etc.) periodically. Evaluate compliance with established security controls.
• Supports information security projects and initiatives.
• Assists with the investigation of security incidents, recommend and implement solutions to remediate or mitigate
• Assists with the development of company-wide best practices for IT security
• Actively involved with information security education where required
• Conduct regular policy and plan reviews, report on findings, recommend policy and plan updates.
• Review and provide feedback on common controls, the security categorization of information systems, and an applicable security control baseline based on system categorization.

What will make you a good fit for the role?

Knowledge

• Ability to evaluate, assess, and implement IT risk mitigation processes and procedures
• Knowledge of network security controls and vulnerability management
• Proven knowledge of information security standards, rules, and regulations including International Organization for Standards (ISO) 27001, 27002, National Institute of Standards and Technology (NIST) and others
• 2 -3 years’ experience of network, server, mobile devices, application, and database security principles for risk identification and analysis
• Ability to work effectively with auditors, customers, consultants, employees, and vendors

Skills

• Knowledge Sharing (L3)
• Networking (L2)
• Problem Solving (L3)
• Project Management (L2)
• Technical Expertise (L2)
• Oral and Written Communication (L3)
• Planning and Organisation (L3)