Security Managed Services Engineer (L2)

Continue to make an impact with a company that is pushing the boundaries of what is possible. At NTT DATA, we are renowned for our technical excellence, leading innovations, and making a difference for our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can continue to grow, belong, and thrive.
Your career here is about believing in yourself and seizing new opportunities and challenges. It’s about expanding your skills and expertise in your current role and preparing yourself for future advancements. That’s why we encourage you to take every opportunity to further your career within our great global team.

Grow Your Career with NTT DATA

The Security Managed Services Engineer (L2) is a developing engineering role, responsible for providing a managed service to clients to ensure that their Security Infrastructures and systems remain operational.
Through the proactive monitoring, identifying, investigating, and resolving of technical incidents and problems, this role is able to restore service to clients.
The primary objective of this role is to proactively review client requests or tickets and apply technical/process knowledge to resolve them without breaching service level agreement (SLA) and focuses on second-line support for incidents and requests with a medium level of complexity.
The Security Managed Services Engineer (L2) may also contribute to / support on project work as and when required.

What you'll be doing

Key Responsibilities:

• Min 4+ Years exp in Soc along with SIEM (Splunk).
• Min 2 years Hands on exp in Splunk.
• Configure and maintain the SIEM system, ensuring that it's properly set up to collect and analyze security event data. Develop, customize, and manage security rules within the SIEM to detect and respond to security threats. Monitor SIEM alerts, investigate them, and take appropriate actions based on the severity and nature of the alerts. Oversee the collection, normalization, and storage of log data from various sources.
• Develop and document incident response procedures, and lead or assist in incident response efforts when security incidents occur. Analyze and investigate security events from various sources. Manage security incidents through all incident response phases to closure. Utilize SIEM, SOAR, UEBA, EDR, NBAD,
• PCAP, Vulnerability Scanning, and Malware analysis technologies for event detection and analysis.
• Update tickets, write incident reports, and document actions to reduce false positives. Develop knowledge of attack types and finetune detective capabilities.
• Identify log sources and examine system logs to reconstruct event histories using forensic techniques.
• Align SIEM rules and alerts with the LIC’s security policies and compliance requirements.
• Conduct computer forensic investigations, including examining running processes, identifying network connections, and disk imaging.
• Maintain and support the operational integrity of SOC toolsets.
• Collaborate with SIEM solution vendors for updates, patches, and support to ensure the system's reliability and effectiveness.
• Maintain thorough documentation of the SIEM system's configuration, procedures, and incident response plans.
• Proactively identify and report system security loopholes, infringements, and vulnerabilities to the Security Operations Centre Manager in a timely manner.
• Work closely with other IT and security teams during incident response, coordinating efforts and sharing information to mitigate security incidents effectively.
• Ensure that the SIEM system helps the LIC meet regulatory compliance requirements and is ready for security audits.
• Continuously optimize the SIEM system for efficient performance, ensuring it can handle the volume of data and remain responsive.
• Develop automation scripts and workflows to streamline common security response tasks and enhance efficiency.

Knowledge and Attributes:

• Ability to communicate and work across different cultures and social groups.
• Ability to plan activities and projects well in advance, and takes into account possible changing circumstances.
• Ability to maintain a positive outlook at work.
• Ability to work well in a pressurized environment.
• Ability to work hard and put in longer hours when it is necessary.
• Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
• Ability to adapt to changing circumstances.
• Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.

Academic Qualifications and Certifications:

• Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience).
• Active CEH certification is Must.

Required Experience:

• Moderate level of relevant managed services experience handling Security Infrastructure.
• Moderate level of knowledge in ticketing tools preferably Service Now.
• Moderate level of working knowledge of ITIL processes.
• Moderate level of experience working with vendors and/or 3rd parties.

Workplace type:

On-site Working

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Accelerate your career with us. Apply today