Managed Services Information Security Manager

NTT is a leading global IT solutions and services organisation that brings together people, data and things to create a better and more sustainable future.

In today’s ‘iNTTerconnected’ world, connections matter more now than ever. By bringing together talented people, world-class technology partners and emerging innovators, we help our clients solve some of the world’s most significant technological, business and societal challenges.

With people at the heart of our success, NTT is committed to attracting and growing the best talent and providing an environment where everyone feels they can belong and their contribution matters.

**Want to be a part of our team?**

The role of the Managed Services Information Security Manager is to work with the security tools and other security teams to monitor, analyse, interpret and report on the incoming client data for the purpose of delivering security information and recommendations to the clients, enabling NTT to deliver the contracted security services. This will include tasks such as security incident detection and response, security event reporting, threat hunting, content maintenance (tuning) and interacting with clients to ensure their understanding of the information generated, recommending client system changes as well as answering security related queries from the clients.

**Working at NTT**

**Key Roles and Responsibilities**:

- Work as part of a global Cyber Defence Centre (CDC) team that works 24/7 on rotational shifts.
- Work with client stakeholders and Information Security Manager (ISM) to tune the MSSP platform and client SIEM to enable more efficient detection, analysis and reporting
- Monitoring of the NTT security tools to review and analyse security logs from client environments
- Generate continuous improvement ideas for supported security tools/technologies, to enable improvements to the NTT services, employee experience and client experience
- Adhere to SOPs, customer Run Books and standard processes to ensure a globally consistent delivery whilst also proposing changes and improvements to these standards
- Utilise and document best practices and amend existing documentation as required
- Identify opportunities to make automations which will help the clients and security delivery teams.
- Security incident handling and response from several vectors including End Point Protection and Enterprise Detection and response tools, attack analysis, malware analysis, network forensics, computer forensics.,
- Utilise a broad range of skills in LAN technologies, Windows and Linux O/S’s, and general security infrastructure.
- Ensure usage of knowledge articles in incident diagnosis and resolution and assist with updating as and when required
- Perform defined tasks to inform and monitor service delivery against service level agreements and maintain records of relevant information
- Undertake Threat Hunting activities across both individual client estates, as well as cross client hunting
- Manage unresolved incidents and follow up until incidents are resolved
- Work closely with client delivery teams (ISM and SDM) to support their activities related to client delivery.
- Remain curious and objective to provide high quality services to the clients, beyond tools native capabilities.
- Cooperate closely with colleagues to share knowledge and build a cohesive and effective team environment, benefiting the individual, the business and the client.

**Knowledge, Skills and Attributes**:

- Seasoned, experienced professional; has complete knowledge and understanding of area of specialisation
- Uses evaluation, judgement, and interpretation to select right course of action
- Working knowledge on implementation and monitoring of any SIEM or security tools/technologies
- Knowledge on security architecture, worked across different security technologies
- Customer service orientated and pro-active thinking
- Problem solver who is highly driven and self-organised
- Great attention to detail
- Good analytical and logical thinking
- Excellent spoken and written communication skills
- Team play with the ability to work well with others and in group with colleagues and stakeholders

**Academic Qualifications and Certifications**:

- Degree or relevant qualification in IT/Computing
- Security certifications like AZ-500, SC-200, Security+, CEH, CISSP, CISM or similar Certification in different networking technologies such as CCNA, JNCIA, ACCA ,PCNSA, CCSA will be an advantage.

**Required Experience**:

- Seasoned demonstrated experience in SOC Analysis Operations
- Seasoned demonstrated experience in SIEM usage for investigations
- Seasoned demonstrated experience in Security technologies like Firewall, IPS, IDS, Proxy etc
- Seasoned demonstrated experience in technical support to clients
- Seasoned demonstrated experience in handling security incidents end to end
- Seasoned demonstrated experience in configuring/managing security controls, such as SIEM, Firewall,