Security Analyst

Job Title: Security Analyst

Location: UK remote with travel as and when required

Shift Pattern: 24/7 shift rota

About GTT:

A leading global technology services company is seeking a Security Analyst to join its dynamic and innovative Cyber Security Operations Centre

GTT is an international provider of enterprise-grade network, computing, and security services. As the owner and operator of Europe's largest cloud services platform, GTT is uniquely positioned to deliver comprehensive Unified ICT services to enterprise clients, with a strong emphasis on security. For more information on GTT, please visit www.gtt.net.

Role Summary:

The CSOC team at GTT specializes in providing Managed Detection and Response (MDR) services that meet and exceed government and certification body standards. Collaborating closely with our high-value customer base, the team delivers a wide range of security services, including Security Incident & Event Management, ensuring top-notch protection and peace of mind for our clients.

The GTT SIEM platform is essential for identifying customer security incidents. One of the primary tasks of our security analysts is to deeply analyse the outputs of the SIEM environment and guide our customers toward effective remediation actions, successfully mitigating risks to their corporate and hosted environments

Duties and Responsibilities:

• Providing analysis of SIEM alerts leading to enhanced customer security
• Work with customers to enhance security incident response procedures
• Enhance internal investigation process and identify additional toolsets required for rapid incident turnaround
• Be part of a 24/7 customer support team providing first level diagnosis for our hosting and network customers.
• Identifying improvements and advising on best practice.
• Manage 3rd party vendor support as required.
• Adhere to team processes and the direction of the team
• Work with Senior analysts / engineers to implement platform optimizations and tuning through structured change process
• Perform upgrades to SIEM environment from operating system to application to ensure highest level of platform security

Required Experience/Qualifications:

• Proficiency in Security Information and Event Management (SIEM) platforms.
• Demonstrated experience in analysing and responding to security incidents.
• Strong understanding of cybersecurity principles and best practices.
• Experience in threat detection, analysis, and mitigation.
• Familiarity with incident response procedures and playbooks.
• Excellent analytical and problem-solving skills.
• Strong communication skills to collaborate effectively with stakeholders and customers.
• Relevant security qualifications are a plus

Hours/Travel/Shift:

• Varied shift hours: Occasional extended hours may be required during critical incidents and platform upgrades. Travel required; SC clearance will be required.

Core Competencies

• Accuracy and Attention to Detail: Understanding the necessity and value of accuracy; ability to complete tasks with high levels of precision.
• Managing Multiple Priorities: Knowledge of effective self-management practices; ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation.
• Problem Solving: Knowledge of approaches, tools, and techniques for recognizing, anticipating, and resolving organizational, operational, or process problems; ability to apply knowledge of problem-solving appropriately to diverse situations.
• Root Cause Analysis: Knowledge of the concepts, principles, and techniques of root cause analysis (RCA); ability to use a structured approach to identify the underlying causes of problems in a particular environment and the changes needed to prevent recurrences.
• Cybersecurity Practices: Understanding of cybersecurity principles, protocols, and best practices; ability to apply security measures to protect network and data assets.
• IP Technologies and Protocols: Basic theoretical knowledge of IP technologies and protocols.

Universal Competencies

• Continuous Improvement: Expertise in driving transformation initiatives that lead to significant changes, enhancing responsiveness and efficiency in core business practices. Ability to foster a results-oriented culture from a best-effort mindset.
• Customer-Centric Approach: Proficiency in creating a customer-focused environment, promoting accountability, collaboration, and partnership. Capability to cultivate a culture that prioritizes customer value creation at every level of the organization.
• Operational Excellence: Knowledge of system-driven processes to ensure consistency and scalability. Ability to re-engineer processes and systems to shift from integration activities to maximizing positive customer impact while anticipating future trends.