Principal Information Security AnalystNTT

• 
  As part of the global Cyber Defence Team, you will work with clients and various stakeholders to tune the various security platforms and client infrastructure to enable more efficient detection, analysis and reporting.
• Monitoring of the NTT security tools to review and analyse security logs from client environments.
• Generate continuous improvement plans for supported security tools/technologies, to enable improvements to the NTT services, employee experience and client experience. 
• Adhere to SOPs, customer Run Books and standard ITIL processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards.
• Utilise and document best practices and amend existing documentation as required.
• Identify opportunities to implement and improve automations which will help the clients and security delivery teams.
• Identify Cloud services improvements and develop infrastructure as code through Terraform/ETL pipelines.
• Identify client Cloud services security gaps and improve client security posture through various SIP plans.
• Security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics.,
• Utilise a broad range of skills in AZURE, AWS, GCP, LAN, WAN technologies, Windows and Linux O/S’s, and general security infrastructure.
• Ensure usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required.
• Perform defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information

Knowledge, Skills and Attributes:

• Excellent problem-solving skills with ability to identify complex security issues, brainstorm potential solutions and choose the best way to resolve an issue.
• In-depth knowledge of security technologies and understanding of managed services concepts
• Excellent knowledge of security monitoring and management tools for performance optimization and troubleshooting
• Demonstrates leadership skills, with effective communication and interpersonal skills to interact with clients, vendors, and internal teams.
• Project management skills and the ability to handle multiple tasks and priorities effectively.
• Excellent scripting/programming skills
• Applies broad expertise and knowledge in highly specialised fields or several related disciplines.
• Excellent proficiency in understanding of patch management with the ability to deploy patches in a timely manner whilst understanding business impact.
• Excellent proficiency with Microsoft Azure, Microsoft Sentinel
• Familiarity with security frameworks, standards, and regulations (e.g., NIST, CIS, GDPR)
• Excellent proficiency of understanding in network and system architecture, protocols, and security controls
• Strong analytical skills to analyse security incidents and assess potential risks
• Ability to work both independently and collaboratively in a fast-paced environment

Academic Qualifications and Certifications:

• Vendor certifications play a crucial role in demonstrating expertise and qualifications in specific areas and are mandatory.
• Azure Certified Solutions Architect / PCNSE /NSE8 / CCIE / CISSP / Automation certifications or equivalent preferred
• Cloud Security certifications and certifications like AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCIE / CCDP Security, JNCIA, ACCA, PCNSE, PCNSC, FCE, CCSA, ITIL, Azure Security Engineer, Azure Certified DevOps Engineer, Azure Certified Network Engineer, Azure Certified Solutions Architect, Azure Administrator Associate, will be an advantage.
• Certifications relevant to the services provided (certifications carry additional weightage on a candidate’s qualification for the role)
• Terraform
• Azure,
• Sentinel
• EDR Defender for Cloud
• Microsoft Security
• Devops Ci/CD Pipelins
• Azure Governance (Defender for Cloud, Azure Policies, Secure Score and Compliance)
• Version Control (Git)
• Microservices (Kubernetes, Azure Containers)
• Azure / AWS/ GCP Infrastructure (IaaS, PaaS, SaaS)
• Azure Infrastructure as Code
• Azure Administration
• Hybrid Cloud
• Networking (Firewalls, LAN, VPN)
• Automation
• MS Office365
• Power BI Administration
• Scripting (PowerShell)
• ZTNA

Required Experience:

• 10 years’ experience in the same role of similar worked experience.
• Extended demonstrated experience in information security or cybersecurity, or related roles
• Kusto Query Language (KQL)
• JavaScript Object Notation (JSON)
• Git
• Azcli

Azure specific:

• Log Analytics Workspace functions
• Log Analytics Workbooks
• Logic apps
• Sentinel Analytics rules
• Sentinel Automation rules
• Sentinel Watchlists
• API Connections and Storage accounts