Tier 2 Security Operations Centre (SOC) Analyst at NTT Ltd

• Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary.
• Assists in incident response for confirmed incidents.
• Assists in the implementation and monitoring of security controls, including Endpoint Detection and Response, vulnerability management tools, and Web Application Firewalls.
• Performs regular vulnerability assessments, analyses scan results, and assists in prioritizing and remediating identified vulnerabilities.
• Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts.
• Assists in ensuring compliance with industry standards (for example, GDPR, ISO 27001) by conducting assessments and implementing necessary controls.
• Reviews Cyber Threat Intelligence to advise efforts on optimisation of security controls and detection engineering
• Documents security breaches and assess the impact.
• Works with the security team to perform tests and uncover network vulnerabilities.
• Fixes detected vulnerabilities within approved timelines.
• Installs, tests and evaluates new technology for adoption by the Security Operations Centre
• Researches security enhancements and makes recommendations to management.
• Stays abreast of information technology trends and security standards.
• Contributes to security awareness initiatives by creating training materials, conducting workshops, and training employees on best security practices.
• Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes.
• Assists in the management and maintenance of security tools, including endpoint security, encryption tools, and security information and event management (SIEM) systems.
• Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organization.
• Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organization's processes and projects.
• Performs any other related task as required.

• Good communication skills to effectively convey technical information to non-technical stakeholders.
• Good analytical thinking and problem-solving skills to mitigate cybersecurity incidents.
• Ability to perform basic malware analysis
• Ability to investigate security incidents across the cyber kill chain and assess potential risk.
• Understands firewalls, SOAR, SIEM, endpoint security, and case management concepts.
• Understands patch management with the ability to deploy patches in a timely manner whilst understanding business impact.
• Proficiency with Windows and Linux OS.
• Familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR, DPA).
• Basic understanding of network and system architecture, protocols, and security controls.
• Ability to analyze security incidents and assess potential risks.
• Ability to work both independently and collaboratively in a fast-paced environment.

• Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related.
• Security Operations certifications such as CompTIA Security+, CompTIA Pentest+, Blue Team Level 1, Blue Team Level 2, Certified Cyber Defender (CCD) or similar certifications advantageous.
• Vendor certifications on SIEM, Cloud and Networking are advantageous

Myjobmag