Information Security Analyst, Incident Response
NTT Corporation
- Bangalore, Karnataka
- Permanent
- Full-time
- Manages the prevention and resolution of security breaches and ensures incident and problem management processes are initiated
- Performs access management activities according to the policy
- Implements and discusses security service audit schedules, reviews access authorisation and performs the required access controls and testing to identify security weaknesses
- Interacts with a global team of Cyber Security Analysts and specialists
- Manages 1st level triaging of security alerts, events, and notifications
- Manages notification of internal and/or external teams according to agreed alert priority levels, and escalation trees
- Communicates status of response, resolution and final root cause analysis to the appropriate stakeholders
- Follows and updates established and/or ad-hoc processes and work instructions and creates procedures where deficiencies are identified
- Logs, manages and coordinates service requests through to resolution including the identification, isolation, resolution and escalation of IT infrastructure faults
- Maintains an understanding of current and emerging threats, vulnerabilities, and trends
- Strong understanding of End Point Protection Software
- Strong understanding of Enterprise Detection and Response software
- Strong knowledge of technological advances within the information security arena
- Strong understanding of inter-relationships in an overall system or process
- Strong knowledge of information security management and policies
- Strong understanding of risk management principles and frameworks, which is crucial for prioritizing and addressing security incidents
- Strong understanding of the organisation's business operations, goals, and objectives, which enables the analyst to align incident response efforts with the broader business strategy
- Ability to effectively communicate technical information to both technical and non-technical stakeholders, and end-users, as well as working with cross-functional teams during incident response
- Ability to think critically, analyze information, and solve medium to complex problems
- Bachelor’s degree or equivalent in Information Technology, Computer Science or a related field
- SANS GIAC Security Essentials (GSEC) or equivalent
- SANS GIAC Certified Intrusion Analyst (GCIA) or equivalent
- SANS GIAC Certified Incident Handler (GCIH) or equivalent
- Seasoned experience in a Technology Information Security Industry
- Seasoned experience or knowledge of SIEM and IPS technologies
- Seasoned experience with Wireshark or tcpdump to identify normal and abnormal/malicious traffic patterns and behaviours