Want to be a part of our team
Provides technical support to field engineers, technicians, and product support personnel who are diagnosing, troubleshooting, repairing, and debugging complex electro/mechanical equipment, computer systems, complex software, or networked and/or wireless systems.
Responds to situations where first-line product support has failed to isolate or fix problems in malfunctioning equipment or software. Reports design, reliability, and maintenance problems or bugs to design engineering/software engineering. May be involved in customer installation and training.
Provides support to customers/users where the product is highly technical or sophisticated in nature.
Working at NTT
The SOC L3 is responsible for providing service to clients by proactively identifying and resolving technical incidents and problems. Through preemptive service incident and resolution activities, as well as product reviews, operational improvements, operational practices, and quality assurance this role will maintain a high level of service to clients. Their primary objective is to ensure zero missed service level agreement (SLA) conditions. The SOC L3 is responsible for managing tickets of low to high complexity.
Key Roles and Responsibilities:
NG SIEM (SIEM + SOAR + UEBA) tool administration: management, backup and archival, and troubleshooting.
Upgrade, update and patching of the NG SIEM solution.
Monitor the NG SIEM console and dashboards and provide response and support to the remote SOC team for incidents.
Support the day-to-day operation of the deployed NG SIEM.
Perform initial analysis of known issues and provide the appropriate recommendations for closure.
Monitor and report on the health of system components and take the necessary action when an issue is observed.
Notify and communicate with incident management and the respective application team upon threat detection.
Analyse reported incidents, determine the root cause, and recommend the appropriate solution.
Integrate the NG SIEM with existing and future IS infrastructure, including but not limited to IPS, WAF, patch management, firewalls, anti-APT solutions, antivirus, EDR, AD, ERP, DLP, VMT, Exchange, SharePoint, network devices, web services and custom applications, and re-validate those integrations on their respective version upgrades.
Develop appropriate use cases, playbooks, models, reports and alerts, and develop custom parsers/connectors for integrating logs wherever necessary.
Integrate the SIEM/SOAR/UEBA tool with security and non-security solutions based on requirements and architecture, and develop or modify the corresponding use cases/rules, playbooks/models, reports and alerts.
Apply learnings from incidents and provide recommendations for standardizing the NG SIEM solution.
Reduce false positives by fine-tuning existing correlation rules, configuration, playbooks and models.
Automate with continuous improvement to reduce MTTR and MTTD.
Develop and implement processes for interfacing with operational teams and other supporting teams.
Ensure the NG SIEM integration remains intact with the client SOC solutions and other assets.
Design, create and customize dashboards and reports as per the client requirements.
Ensure the necessary client SOC documents (operating procedures, configuration management, Low Level Design, etc.) are kept up to date with the changes made in their respective areas.
Automate day-to-day tasks related to NG SIEM operations (but not limited to these).
The above is an illustrative list of general activities; all technology-specific activities related to the NG SIEM are to be carried out.
Support onboarding and maintenance of a wide variety of data sources, including OS, appliance and application logs.
Create custom queries, custom dashboards and visualizations.
Create and manage NG SIEM knowledge objects, including apps, dashboards, saved and scheduled searches, and alerts.
Support access requests, modifications and permissions.
Support troubleshooting and remediation of issues as they arise with data ingestion and the NG SIEM infrastructure.
Work on improving the overall posture of the NG SIEM deployment to achieve the best return on investment.
Monitor and report on cyber threats, suggest any changes needed in the SIEM to protect the organization, and lead the end-to-end implementation of the suggested changes.
Should have a very good understanding of the MITRE ATT&CK and NIST frameworks.
Threat Hunting Requirements
of data and create alerts that are passed on to analysts.
Framework which contains: create strategic hunt missions which are objective-based, to identify malicious activity that has not triggered an alert; search for Indicators of Compromise received from Threat Intelligence and Analytics.
vectors such as malware, web application attacks, network attacks, watering hole attacks, DNS attacks, insider threat and data exfiltration, but not limited to these. List the detection use cases which can detect the above attacks using pre-built machine learning techniques and analytical models.
sources to identify malicious activity. At a minimum the following sources should be used, but not limited to: IPS/IDS, proxy, firewall, WAF, anti-APT, EDR, AV, internet/mail gateway, Windows and Linux logs, DNS.
Cyber Kill Chain.
for better detection of advanced attacks. Network sources should include NetFlow, proxy, DNS, IPS, VPN, firewall, WAF, AD/Windows, email logs, etc.
enable hunting for attacks including but not limited to lateral movement, malware beaconing, data exfiltration, watering hole, targeted network attacks and dynamic DNS attacks.
undiscovered communication patterns to uncover hidden, advanced threats missed by automated, preventative and detective controls, and detect suspicious trends. The service must support detection of newly discovered patterns in future.
applications (e.g. file sharing, peer-to-peer, etc.)
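Two of the hunt requirements above, searching proxy data for Indicators of Compromise received from threat intelligence and hunting for malware beaconing in communication patterns that never triggered an alert, can be shown over a handful of log lines. The following is an added example written for this page, not NTT's or any SIEM vendor's code: the proxy log format, the sample lines, the indicator list and the thresholds (at least five requests, coefficient of variation of the inter-request gaps at most 0.1) are all constructed assumptions for illustration.

```python
"""Hunt for periodic outbound connections (beaconing) and IoC hits in proxy logs."""
import re
import statistics
from collections import defaultdict
from datetime import datetime
from urllib.parse import urlsplit

# Constructed sample proxy log lines (timestamp src method url status bytes).
# 10.1.2.3 polls one host every ~60 s (beacon-like); 10.1.2.9 browses irregularly;
# 10.1.2.7 makes a single request to a domain on the hypothetical IoC list.
SAMPLE_LOGS = """\
2024-03-01T10:00:00Z 10.1.2.3 GET http://updates.example.org/check 200 312
2024-03-01T10:00:05Z 10.1.2.9 GET http://news.example.com/ 200 48211
2024-03-01T10:00:07Z 10.1.2.9 GET http://news.example.com/story/1 200 22091
2024-03-01T10:01:00Z 10.1.2.3 GET http://updates.example.org/check 200 312
2024-03-01T10:02:01Z 10.1.2.3 GET http://updates.example.org/check 200 312
2024-03-01T10:02:30Z 10.1.2.7 GET http://bad-c2.example.net/gate.php 200 1024
2024-03-01T10:03:00Z 10.1.2.3 GET http://updates.example.org/check 200 312
2024-03-01T10:03:40Z 10.1.2.9 GET http://news.example.com/story/2 200 19877
2024-03-01T10:04:00Z 10.1.2.3 GET http://updates.example.org/check 200 312
2024-03-01T10:04:00Z 10.1.2.9 GET http://news.example.com/story/3 200 25110
2024-03-01T10:05:00Z 10.1.2.3 GET http://updates.example.org/check 200 312
2024-03-01T10:12:00Z 10.1.2.9 GET http://news.example.com/ 200 48300
2024-03-01T10:12:03Z 10.1.2.9 GET http://news.example.com/story/4 200 21544
"""

# Hypothetical threat-intel indicator list, constructed for the example.
IOC_DOMAINS = {"bad-c2.example.net"}

LOG_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3}) (\d+)$")


def parse_proxy_log(text):
    """Parse log lines into dicts; lines that do not match the assumed format are skipped."""
    records = []
    for line in text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        ts, src, method, url, status, size = m.groups()
        records.append({
            "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
            "src": src,
            "host": urlsplit(url).hostname,
            "method": method,
            "status": int(status),
            "bytes": int(size),
        })
    return records


def find_beacons(records, min_hits=5, max_cv=0.1):
    """Flag (src, host) pairs whose request intervals are nearly constant.

    The coefficient of variation (stdev / mean) of the gaps between requests is
    the periodicity score: near 0 means clock-like polling, which is what a C2
    beacon without jitter looks like. min_hits and max_cv are assumed thresholds
    and must be tuned per environment.
    """
    by_pair = defaultdict(list)
    for r in records:
        by_pair[(r["src"], r["host"])].append(r["ts"])
    findings = []
    for (src, host), times in by_pair.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        if mean <= 0:
            continue
        cv = statistics.pstdev(gaps) / mean
        if cv <= max_cv:
            findings.append({"src": src, "host": host, "hits": len(times),
                             "period_s": round(mean, 1), "cv": round(cv, 3)})
    return findings


def match_iocs(records, ioc_domains):
    """Return sorted (src, host) pairs that contacted a domain on the indicator list."""
    return sorted({(r["src"], r["host"]) for r in records if r["host"] in ioc_domains})


def hunt(log_text, ioc_domains=IOC_DOMAINS):
    """Run both hunts over raw log text and return the findings for analyst triage."""
    records = parse_proxy_log(log_text)
    return {"beacons": find_beacons(records),
            "ioc_hits": match_iocs(records, ioc_domains)}


if __name__ == "__main__":
    for key, value in hunt(SAMPLE_LOGS).items():
        print(key, value)
```

On the sample data the beacon hunt isolates 10.1.2.3 polling updates.example.org with a 60 s period and a coefficient of variation near zero, while the irregular browsing from 10.1.2.9 is not flagged, and the IoC match returns the single contact with bad-c2.example.net. In a real deployment the same logic would run as a scheduled search over the SIEM's proxy, DNS or NetFlow index; legitimate software-update and telemetry hosts are the main false-positive source, so an allow list of known pollers, and a looser max_cv for jittered implants, are the tuning knobs to expect.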
Skills Summary
Automation Tools, Cloud Security, Firewalls, Local Area Network (LAN), Palo Alto Networks Prisma Access Secure Access Service Edge (SASE), Security Technologies, TCP/IP Networking, Threat Management
Equal Opportunity Employer
NTT is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category