Principal Security Analyst at NTT Ltd.

Your day at NTT DATA

• The Principal Information Security Analyst is a highly skilled subject matter expert, responsible for designing and implementing security systems to protect the organization's computer networks from cyber-attacks, and to help set and maintain security standards.
• This role is required to monitor the organization's computer networks for security issues, install security software, and document any security issues or breaches found.
• The Principal Information Security Analyst is responsible for assisting in the planning, implementation, and management of information security measures to safeguard the organization's digital assets and systems and contributes to maintaining a secure and compliant environment and executes on leadership initiatives.

Key responsibilities:

• Monitors security alerts and events from various sources, investigates potential threats, and escalates incidents as necessary.
• Assists in the implementation and monitoring of security controls, including firewalls, intrusion detection systems, and access controls.
• Performs regular vulnerability assessments, analyses scan results, and assists in prioritizing and remediating identified vulnerabilities.
• Supports the incident response team in investigating security incidents, documenting findings, and participating in remediation efforts.
• Assists in ensuring compliance with industry standards (for example, GDPR, ISO 27001) by conducting assessments and implementing necessary controls.
• Installs security measures and operates software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Documents security breaches and assess the damage they cause.
• Works with the security team to perform tests and uncover network vulnerabilities.
• Fixes detected vulnerabilities to maintain a high-security standard.
• Develops organizational best practices for IT security and performs penetration testing.
• Upgrades systems to unable security software and installs and upgrades antivirus software.
• Tests and evaluates new technology and assists with the installation of security software and understands information security management.
• Researches security enhancements and makes recommendations to management.
• Stays abreast of information technology trends and security standards.
• Contributes to security awareness initiatives by creating training materials, conducting workshops, and educating employees about best security practices.
• Maintains accurate records of security incidents, assessments, and actions taken for reporting and audit purposes.
• Assists in the management and maintenance of security tools, including antivirus software, encryption tools, and security information and event management (SIEM) systems.
• Participates in risk assessments to identify potential security threats, vulnerabilities, and associated risks to the organization.
• Collaborates with cross-functional teams, IT, and other teams to ensure security measures are integrated into the organization's processes and projects.
• Performs any other related task as required.

To thrive in this role, you need to have:

• Excellent communication skills to effectively convey technical information to non-technical stakeholders.
• Excellent analytical thinking and problem-solving skills to prevent hacking on a network.
• Ability to identify and evaluate potential risks and to develop solutions.
• Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
• Extended proficiency in understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Extended proficiency in understanding of patch management with the ability to deploy patches in a timely manner whilst understanding business impact.
• Excellent proficiency with MAC and OS.
• Extended familiarity with security frameworks, standards, and regulations (for example, NIST, CIS, GDPR).
• Extended proficiency of understanding in network and system architecture, protocols, and security controls.
• Strong analytical skills to analyse security incidents and assess potential risks.
• Ability to work both independently and collaboratively in a fast-paced environment.

Academic qualifications and certifications:

• Bachelor's degree or equivalent in information security, cybersecurity, computer science, or related.
• Security certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM) are advantageous.

Required experience:

• Extended demonstrated experience in information security or cybersecurity, or related roles.
• Extended demonstrated experience working in a global IT organization.
• Extended demonstrated experience with computer network penetration testing and techniques.
• Extended demonstrated experience with security assessment and vulnerability scanning tools.