Principal Information Security Analyst

**Principal Information Security Analyst - Managed Services**

Join our growing global NTT team and you'll be part of the world's largest ICT company (by revenue). We've combined the capabilities of 28 remarkable companies to become one, leading technology services provider. Together, we help our people, clients, and communities do great things with technology to create a more secure and connected future. We employ 40,000 people across 57 countries. By bringing together the world's best technology companies and emerging innovators, we work together to deliver sustainable outcomes to businesses and the world. Innovation is part of our DNA. We believe it's key to what makes us different. So, we strive to move forward, challenge the status quo, and drive excellence through the technologies we integrate and the services we deliver around the world. The result is connected cities, connected factories, connected healthcare, connected agriculture, connected conservation, connected mobility, and connected sport. Together we enable the connected future.

**Want to be a part of our team?**

NTT is looking for a **Principal Managed Services Information Security Analyst - Managed Services **to join our managed services team in a permanent position. This person can be located in either Sydney or Melbourne.

As a CSIR engineer, a major part of the role will be to act as a SOC (Security Operations Center) consultant to provide expertise and guidance to organisations in setting up, managing, and improving their SOC capabilities.

The day may begin by looking over dashboards, and reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. also prepare for and respond to system breaches or attacks. These processes might differ between slients, but they generally include responding to hacks or network insecurities and working to prevent new ones.

You will also be required to participate in a shift roster which may comprise of shifts business hours and after hours.

**Working at NTT**
- Assessing SOC maturity: Evaluating the existing SOC setup and capabilities of an organisation to identify strengths, weaknesses, and improvement areas.
- Developing or refining the SOC infrastructure, the architecture, tools, processes, and workflows of a SOC to ensure effective and efficient detection, analysis, and response to security incidents.
- Implementing security technologies when necessary: Assessing, selecting, and implementing various security technologies such as SIEM, SOAR systems, intrusion detection systems, threat intelligence platforms, and incident response tools.
- Support the Security Management Lifecycle including:

- Real-time Monitoring
- Incident investigation.
- Research.
- Correlation.
- Trending.
- Remediation.
- Setup and configure SIEM, including data analysis, rule creation. establish thresholds, reference lists, and other duties.
- Setup, investigate, and advanced troubleshooting of log transport agents.
- Developing security policies and procedures: Assisting in developing, documenting, maintaining SOC standard operating procedures (SOPs), incident response plans, playbooks, and other security policies to ensure consistent and effective operations. Actively participate in process improvement with other team members and Wider team.
- Incident analysis and response: Assisting SOC analysts by providing guidance and support in analyzing security events, investigating incidents, and responding to cyber threats and attacks.
- Process improvement and optimization: Continuously improving and optimizing SOC processes, workflows, and tools to enhance efficiency, accuracy, and effectiveness in threat detection and response.
- Threat intelligence analysis: Collaborating with other teams or external threat intelligence providers to gather, analyze, and interpret threat intelligence to identify emerging threats and implement proactive measures. Research and recommend mitigation strategies for current and future threats relevant to the Clients environment.
- Compliance and regulatory requirements: Ensuring that SOC operations align with applicable standards, regulations, and best practices, such as ISO 27001, NIST, PCI DSS, or industry-specific compliance requirements.
- Incident reporting and communication: Preparing reports and communicating security incidents, vulnerabilities, and findings to stakeholders, management, and internal or external auditors as necessary.
- Collaborating with internal teams: They work closely with other teams, such as network and system administrators, to ensure proper integration and coordination of security monitoring tools and systems
- Managing stakeholder expectations and assisting in the reduction of the impact of a cybersecurity event or incident.
- Provide proactive, constant, and clear communication on the status of incident/problem resolution between the client, NTT, and any other third-party supp