Security Operations Manager

**Security Operations Manager**

In a constantly changing world, we work together with our people, clients and communities to enable them to fulfill their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure. At NTT, we encourage you to remain continuously curious, as that is what keeps you fast, flexible and relevant. No two days will be the same but that is what will help you grow and realize your full potential.

The power is in your hands to do great things. It’s time to lead the change, be the authentic you, to solve difficult challenges, to set the pace of change and to unleash your potential.

**Want to be a part of our team?**

This role is responsible to manage critical and high-risk exposures in the daily operation of real-time threat management activities.

This senior technical resource facilitates problem resolution and mentoring for the overall team. This includes operational security tasks such as performance and availability monitoring, log monitoring, security incident detection and response, security event reporting, and content maintenance (tuning).

**Working at NTT**

**Australian Citizen with NV1 Security Clearance required.**

The Security Operations Manager has responsibility for managing the day-to-day delivery of the services with a focus on ensuring the security of the customer platform:

- Attending architecture and design workshops to provide security context to proposed changes to the Departments platform architecture.
- Managing of end-to-end delivery of Platform Management ensuring security posture is maintained.
- Working with the Department's Cyber Security Operations Centre (CSOC) for security incidents and events, coordinating remediation activities with Technical Hub resolver groups.
- Attending regular governance meetings and operational forums.
- Performing change impact analysis to assess security impact and considerations.
- Managing all aspects of security operations (technical and well as IcM response)
- Security Incident Management and coordinating effort across NTT and the Department
- Includes IR response documents, Event management, PIR etc
- GRC reporting, assisting with audits etc.
- Manage weekly sprints in Threat Hunting analytics.
- Monitor events for suspicious events, investigation, and escalate where applicable.
- Maintain an understanding of current and emerging threats, vulnerabilities, and trends.
- Prioritise threat analysis based on risks associated with each threat and working with the appropriate teams to ensure related communications are in line with company best practice and recommendations.
- Act as the primary technical lead for the Computer Incident Response Team (CIRT), coordinating the work of technical staff from various departments, as well as the work of third-party technical experts.
- Design automated scripts, automated contingency plans, and other programmed responses which are launched when an attack against company systems has been detected**.**:

- Design, specify, program, debug, and oversee the work of others related to middleware, and other system integration tools, which tie multiple security monitoring systems together so as to better meet company information security needs.
- Perform post-mortem analysis with logs, network traffic flows, and other recorded information to identify intrusions by unauthorized parties, as well as unauthorised activities of authorised users.
- Review incident and problem management reports to identify potential security weaknesses and perform an impact and risk analysis, developing recommendations for highlighted risks, ensuring that these risks and solutions are presented to the relevant stakeholders.

**What will make you a good fit for the role?**
- **Australian Citizen with NV1 Security Clearance required.**:

- 8+ years of experience in Information Security Industry.
- Extensive experience working in a SOC/CSIRT.
- Proven expertise or knowledge of SIEM and IPS technologies.
- Experience with Wireshark, tcpdump, Remnux, decoders for conducting payload analysis.
- Experience in building SIEM rules and/or indicators of compromise for threat detection.
- Relevant Bachelor’s degree, plus qualifications GSEC, GCIA, GCIH or equivalent preferred, CISSP, CISM, CISA, CEH, CHFI and ITILSM / ICT Security / ITIL v3 highly regarded

For more information about this or other opportunities, please contact Karen Aldrich. Please quote our job reference number 646545.

**About us**

NTT Ltd. is a global ICT provider, employing more than 40,000 people in a diverse and dynamic workplace, and delivering services in over 200 countries and regions. We partner with organizations around the world to shape and achieve outcomes through intelligent technology solutions. For us, intelligent means data driven, connected, digital, and secure.

NTT is proud to be an equal opportunity employer with