Senior Cyber Security Analyst

About GTT:

GTT is a leading networking and security as a service provider for multinational organizations, simply and securely connecting people and machines to data and applications — anywhere in the world. We serve thousands of organizations, bringing together the right people, partners and technology to reduce the burden on IT teams and solve the most pressing networking and security challenges.

Built on our top-ranked global Tier 1 network, GTT Envision is a single global technology platform to connect, orchestrate, virtualize and automate enterprise networks, enabling customers with consumable solutions to achieve business missions and meet ongoing demand when, where and how needed. Our portfolio includes SASE, SD-WAN, security, internet, voice and other connectivity options, complemented by a suite of professional services and exceptional sales and support teams in local markets around the globe. We partner with our customers to deliver Greater Technology Together..

Role Summary:

The Senior Cyber Security Analyst leads enhancements to the Security Incident & Event Management (SIEM) platform to ensure the Cyber Security Operations Center (CSOC) is delivering premium services to some of our largest customers across the globe.

Duties and Responsibilities:

Management of GTT SIEM platform, specializing in Industry Best Practices Collaborate with internal teams such as Product Management, Development, and Corporate Security to identify and deliver functionality to continually improve our products using industry best practices and trending customer requirements. Act as the escalation point when issues impact a customer, driving problems to resolution and managing the communications internally and with the client. Build relationships and become a trusted advisor to customers, especially key or strategic customers. Ensure quality of team ticket handlingCommunicationsTimely responsesEscalations outside of CSOC Personalized care for sensitive customers and situations Assess and drive metrics for managed support areas, analyzing the data for improvement ideas. Develop tools, processes and communication strategies to ensure a timely and responsive approach to both customer reported and internally identified incidents. Manage 3rd party vendors escalations. Identify employee training requirements to ensure shift analysts are highly proficient with customer services and internal processes. Responsible for the following functions:Security Incident and Event ManagementWAN ComplianceMDR Responsible for ensuring efficient, quality, and consistent services across all functions within the CSOC. Identify employee training requirements to ensure shift analysts are highly proficient with customer services and internal processes. Support for presales, solutions and new product development is also required.

Required Experience/Qualifications:

5+ years’ experience with SIEM functionality and topology (splunk or Logrhytm experience).  5+ years’ experience of operational delivery in a 24x7 business critical environment (Production). Experience in a customer facing role with proven ability to collaborate and build strong relationships Hybrid Analysis CISSP preferred. Understanding of vulnerability assessment and remediation procedures including risk management. Significant understanding of security incidents, including malware, network reconnaissance and emerging threats. Strong problem solving, priority setting, facilitation, multi-tasking, analytical, and collaboration skills. Proven ability to mentor and coach junior team members. Ability to generate a sense of urgency and rally appropriate resources both internally and with third parties. Be a positive, self-motivated proactive individual who is equally comfortable engaging with customer senior management and all levels within the GTT organisation. Possess excellent listening, written and verbal communication skills. High level of initiative and integrity. Deliver the appropriate balance of business need, customer expectation and compliance requirements. Strong organizational, presentation and documentation skills. Have a can-do attitude and demonstrate a passion for new technology and learning.

Hours/Travel/Shift:

Normal Working Hours, Occasional extended hours/on-call may be required during management escalation, critical incidents and platform upgrades.

Core Competencies

Computer Crime:Knowledge of concepts, tools, and practices of dealing with computer crime; ability to detect and prevent business crimes that involve computers/networks as instruments.Firewall Management:Knowledge of firewall systems; ability to install, maintain and update firewall systems to control the access of business information, both allowing passage to authorized sources and denying passage to unauthorized sources.Information Security Administration:Knowledge of information security administration; ability to develop and apply an organization's information security policies, standards and procedures ensuring the integrity and safety of information.Information Security Technologies:Knowledge of technologies and technology-based solutions dealing with information security issues; ability to protect information security across the organization using encryption technologies and appropriate security software.Network and Internet Security:Knowledge of the tools and processes for maintaining network and Internet security; ability to develop and safeguard intrusion and unauthorized access to network.IP Network Engineering:Knowledge of the processes, tools, and techniques for IP network engineering; ability to utilize and manage IP applications for the construction, operations and support of IP-based networks and infrastructure.Virtualization Services:Knowledge of the issues, regulations, business practices, and operations of virtualization services; ability to create and support a virtual environment that separates the physical infrastructure from the logical processing.

Universal Competencies

Continuous Improvement:Knowledge of transformation initiatives to drive fundamental changes, enhance responsiveness and efficiency to core business practices. Ability to drive cultural changes from best effort to results oriented.Customer First (Non-Customer Facing):Knowledge of internal customer interactions, creating a culture of accountability, collaboration, and partnership. Ability to build an environment supporting internal customer value creation at every level.Operational Excellence:Understanding the system-driven processes for consistency and scalability. Ability to re-focus processes and systems from integration activity to maximizing a positive customer impact and anticipating future trends.

#LI-RD1