Information Security Specialist, Incident Response L2
NTT
Prague, Czechia
1 day ago

At NTT we believe that by using innovative technology we can solve global challenges and create a world that is sustainable and secure.

We are looking for curious people, from diverse backgrounds, that are keen to work in a fast-paced and agile environment.

At NTT we trust our employees to do the right thing, even when no one is watching, which is why we offer flexibility in the workplace.

The majority of our roles are hybrid, meaning we encourage a balance of working from home and our local office. Ask our recruitment team if this is a hybrid role.

Want to be a part of our team?

This role is responsible for detecting and monitoring escalated threats and suspicious activity affecting NTT Ltd’s technology domain (servers, networks, appliances and all infrastructure supporting production applications for the enterprise, as well as development environments).

This individual acts as the technical second responder for the Computer Security Incident Response Team (CSIRT) and supports the work of technical staff from various departments as well as third-party technical experts.

Working at NTT

Key Roles and Responsibilities:

  • Manage the prevention and resolution of security breaches and ensure incident and problem management processes are initiated.
  • Perform access management activities according to the policy.
  • Implement and discuss security service audit schedules, review access authorization and perform the required access controls and testing to identify security weaknesses.
  • Interact with a global team of Cyber Security Analysts and specialists
  • 2nd level triaging of security alerts, events, and notifications
  • Notification of internal and / or external teams according to agreed alert priority levels, and escalation trees
  • Communicate status of response, resolution and final root cause analysis to the appropriate stakeholders
  • Ability to follow and update established and / or ad-hoc processes and work instructions and create procedures where deficiencies are identified
  • Logging, managing and coordinating service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
  • Maintain an understanding of current and emerging threats, vulnerabilities, and trends
Knowledge, Skills and Attributes:

  • Communicates information security risks and issues to business managers and others. Performs basic risk assessments for small information systems.
  • Contributes to vulnerability assessments. Applies and maintains specific security controls as required by organizational policy and local risk assessments.

    Investigates suspected attacks. Responds to security breaches in line with security policy and records the incidents and action taken.

  • Actively maintains knowledge in one or more identifiable specialisms. Provides detailed and specific advice regarding the application of their specialism(s) to the organization's planning and operations. Recognizes and identifies the boundaries of their own specialist knowledge.

  • Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organization.
  • Carries out risk assessment within a defined functional or technical area of business. Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and the impact on the business.
  • Refers to domain experts for guidance on specialized areas of risk, such as architecture and environment. Co-ordinates the development of countermeasures and contingency plans.

  • Investigates minor security breaches in accordance with established procedures. Assists users in defining their access rights and privileges.
  • Performs non-standard security administration tasks and resolves security administration issues.

  • Investigates problems in systems, processes and services. Assists with the implementation of agreed remedies and preventative measures.
  • Following agreed procedures, identifies, registers and categorizes incidents.
  • Gathers information to enable incident resolution and promptly allocates incidents as appropriate.
Academic Qualifications and Certifications:

  • Relevant Degree
  • SANS GIAC Security Essentials (GSEC) or equivalent preferred
  • SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent preferred
  • SANS GIAC Certified Incident Handler (GCIH) or equivalent preferred
Required Experience:

  • At least 4 years’ experience in a Technology Information Security Industry
  • End Point Protection Software
  • Enterprise Detection & Response software
  • Experience or knowledge of SIEM and IPS technologies
  • Experience with Wireshark or tcpdump to identify normal and abnormal / malicious traffic patterns and behaviors
  • Sound knowledge of technological advances within the information security arena
  • Demonstrated understanding of complex inter-relationships in an overall system or process
  • Sound knowledge of information security management and policies
What will make you a good fit for the role?

    Join our growing global team and accelerate your career with us. Apply today.

    Equal opportunity employer

    NTT is proud to be an equal opportunity employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment.

    We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category.
