Experience Inc. Jobs

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Cyber Security Engineer is responsible for maintaining and supporting the security infrastructure for NTT CSD and its clients. The role is operational on a daily basis focusing on design, implementation and support of the following platforms: Endpoint Management, Endpoint Protection, EDR, Network Security, Vulnerability Management, Firewall Rule Management and Secure Web Gateway/Proxy. Additional responsibilities include process definition, documentation of platforms/ process, delegation of repetitive tasks, overseeing incident resolution activities, reporting status and activities, managing, and executing assigned project tasks or small projects including major version upgrades, transitions of service for clients, productivity enhancements, and integration with NTT CSD infrastructure.

What you'll be doing

Key Responsibilities:

• Works as part of a 24/7 team working on rotational shifts.

• Works as part of Platform and Content Engineering handling tunings, stake holder requests, escalations, reporting, trainings.

• Provide day-to-day application support of the servers and infrastructure

• Administers the organization's security tools to gather security logs from environment.

• Performs lifecycle management of the supported security tools/technologies, Break-fix, Patching, Live update.

• Adheres to SOPs and notify stake holders on log flow/log format issues.

• Documents best practices.

• Identifies opportunities to make automations which will help the incident response team.

• Performs security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics, and a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure.

• Carries out agreed maintenance tasks.

• Ensures usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required.

• Performs defined tasks to monitor service delivery against service level agreements and maintains records of relevant information.

• Investigates causes of incidents and seeks resolution.

• Escalates unresolved incidents and follow up until incident is resolved.

• Provides service recovery, following resolution of incidents.

• Documents and closes resolved incidents according to agreed procedures.

• Investigates and identifies root cause of incidents and assist with the implementation of agreed remedies and preventative measures.

• Maintains knowledge of specific specialisms, provides detailed advice regarding their application.

• Ensures efficient and comprehensive resolution of incidents, including ensuring that repairs are carried out by coordinating product requests, working with other team members.

• Logs all such incidents in a timely manner with the required level of detail with all the necessary.

• Cooperates with all stakeholders including client IT environments, vendors and carriers to expedite diagnosis of errors and problems and to identify a resolution.

Knowledge and Attributes:

• In-depth knowledge and expertise in one or more of the following platforms: endpoint protection, data loss prevention, endpoint management, EDR, vulnerability management, firewall rule management and secure web gateway/ proxy.

• Must be able to provide guidance on architecture and design, data flows, data model, Server/ endpoint configuration, and troubleshooting

• Functional knowledge of current platform technologies managed by security products including SQL, IIS, Windows, Linux, and MAC

• Knowledge of common scripting tools, PowerShell, Python, Bash

• Strong, in-depth analytical and problem-solving skills

• Good awareness and experience in a wide range of security tools

• Excellent spoken and written communication skills.

• Good organizational and project management skills

• Team player able to lead a small project team when required and also work independently

• Ability to effectively interact with other IT Services professionals and communicate clearly with native and non-native English speakers throughout the world

• Bachelor's degree in a technical/creative discipline or equivalent work experience in IT or Information Security

Academic Qualifications and Certifications:

• Bachelor's degree or equivalent in Information Technology or related field.

• Relevant level of Networking certifications such as CCNA, JNCIA, ACCA, PCNSA, CCSA etc. preferred.

• Relevant level of Security certifications such as AZ-500, SC-200, Security+, CEH, CISSP, CISM etc. will be added advantage.

Required Experience:

• Bachelor's and 7 years or more experience in a security engineer role supporting enterprise level security management; may accept additional experience in lieu of degree.

• Five (5) years or more experience in a SIEM engineer role supporting enterprise level security management; may accept additional experience in lieu of degree.

• 3+ years of direct experience in deploying, configuring, and maintaining a SIEM platform, and integrating with other security products and data sources

• Demonstrated expertise in developing new SIEM use cases, managing SIEM environment, and supporting security incident investigation and response activities

• Certifications such as CISSP, CISM, GIAC, or SIEM certification are highly preferred

• Experience with IBM Qradar is preferred

• Good to have content development in SIEM platforms like Palo Alto XSIAM, Microsoft Sentinel

• Seasoned experience in technical support to clients.

• Seasoned experience in diagnosis and troubleshooting.

• Seasoned experience providing remote support in Security Technologies.

• Seasoned experience in SOC/CSIRT Operations.

• Seasoned experience in handling security incidents end to end.

• Knowledge on networking, Linux and security concepts.

• Seasoned experience in configuring/managing security controls such as Firewall, IDS/IPS, EDR, NDR, UTM, Proxy, SOAR, HoneyPots and other security tools.

• Knowledge on log collection mechanism such as Syslog, Log file, DB API.

• Knowledge in security architecture.

• Seasoned experience in Security engineering.

Workplace type :

Hybrid Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.