About GTT
GTT provides secure global connectivity, improving network performance and agility for your people, places, applications, and clouds. We operate a global Tier 1 internet network and provide a comprehensive suite of cloud networking and managed solutions that utilize advanced software-defined networking and security technologies.
We serve thousands of businesses with a portfolio that includes SD-WAN and other WAN services, internet, security, and voice services. Our customers benefit from a customer-first service experience underpinned by our commitment to operational excellence. For more information on GTT, please visit.
Role Summary:
Working out of GTT’s Advanced Services Centre of Excellence, the TIC team focuses on providing SIEM, secure hosting and network services that meet and exceed government and certification body standards. The team work closely with our high value customer base to deliver a wide range of services including Security Incident & Event management, Secure Networking and Secure Hosting. As part of the Advanced Services division, Threat Intelligence Centre is a highly rewarding and challenging team for network, systems, and security analysts.
The GTT SIEM platform is used to identify customer security incidents; one of the security analysts’ primary tasks is to take the output of the SIEM environment and perform deep analysis of the event; leading our customers to a remediation action that successfully mitigates the risk to their corporate and hosted environments. Responsible for providing tier 1 technical expertise in the support of both hardware and software solutions. Primarily Microsoft Windows, VMware, Cisco UCS, NetApp, Palo Alto, Cisco ASR and LogRhythm SIEM.
Duties and Responsibilities:
Providing analysis of SIEM alerts leading to enhanced customer security Work with customers to enhance security incident response procedures Enhance internal investigation process and identify additional toolsets required for rapid incident turnaround Be part of a 24/7 customer support team providing first level diagnosis for our hosting and network customers. Identifying improvements and advising on best practice. Manage 3rd party vendor support as required. Adhere to team processes and the direction of the SM, TIC. Work with Senior analysts / engineers to implement platform optimizations and tuning through structured change process Perform upgrades to SIEM environment from operating system to application to ensure highest level of platform security Maintain and enhance specific customer environments including firewalls, switches, and hosting platforms
Essential Criteria
SIEM Experience Happy to be on a 24/7 Shift rota Able to attain or hold SC clearance
Desired Experience/Qualifications:
LogRhythm SIEM Cisco UCS Chassis and Blade Management NetApp SAN Management VMWare 5.5 Infrastructure Symantec Anti-Virus Shavlik – Patching Tool Palo Alto NGFW Nexus 5K Cisco ASA Cisco DMVPN
Core Competencies
Accuracy and Attention to Detail:Understanding the necessity and value of accuracy; ability to complete tasks with high levels of precision.
Managing Multiple Priorities:Knowledge of effective self-management practices; ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation.
Problem Solving:Knowledge of approaches, tools, techniques for recognizing, anticipating, and resolving organizational, operational or process problems; ability to apply knowledge of problem solving appropriately to diverse situations.
Root Cause Analysis:Knowledge of the concepts, principles, and techniques of root cause analysis (RCA); ability to use a structured approach to identify the underlying causes of problems in a particular environment and the changes needed to prevent recurrences.
IP Technologies and Protocols:Knowledge of the features and policies of IP technologies and protocols; ability to configure, deploy and support IP-based networks and services.
IP-based Services:Knowledge of the features and functions of IP-based services; ability to configure, deploy and support TCP/IP based networks and associated services.
Troubleshooting Network Problems:Knowledge of tools and techniques to troubleshoot network problems; ability to anticipate, recognize and resolve technical (network, hardware, software, equipment or operational) problems.
Universal Competencies
Continuous Improvement:Knowledge of transformation initiatives to drive fundamental changes, enhance responsiveness and efficiency to core business practices. Ability to drive cultural changes from best effort to results oriented.
Customer First (Customer Facing):Knowledge of customer interactions, creating a culture of accountability, collaboration, and partnership. Ability to build an environment supporting customer value creation at every level.
Operational Excellence:Understanding the system-driven processes for consistency and scalability. Ability to re-focus processes and systems from integration activity to maximizing a positive customer impact and anticipating future trends.
