EDR Analyst

Continue to make an impact with a company that is pushing the boundaries of what is possible. At NTT DATA, we are renowned for our technical excellence, leading innovations, and making a difference for our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can continue to grow, belong, and thrive.

Your career here is about believing in yourself and seizing new opportunities and challenges. It's about expanding your skills and expertise in your current role and preparing yourself for future advancements. That's why we encourage you to take every opportunity to further your career within our great global team.

Grow Your Career with NTT DATA

The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group.

The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests.

The Security Managed Services Engineer (L1) may also contribute to / support on project work as and when required.

What you'll be doing

Key Responsibilities:

• Min 3 Years exp in EDR and Trend Micro.
• The vendor should assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities.
• The vendor should deploy EDR agents on endpoints, servers, and critical systems within the organization's network.
• The vendor should configure EDR agents to collect and analyze security events and activities on endpoints.
• The solution should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior.
• The solution should use behavioral analysis and machine learning to detect advanced threats and zero-day attacks.
• The solution should generate real-time alerts for potential security incidents and provide guidance for incident response and remediation.
• The vendor should enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks.
• The solution should capture and store detailed endpoint activity logs and artifacts for further analysis.
• The vendor should integrate the tool with vulnerability management systems to assess the endpoint's security posture.
• The EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms.
• The solution should alert and remediate endpoints with outdated or vulnerable software configurations.
• The solution should provide real-time alerts for anomalies that could indicate potential threats.
• The vendor should ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc.
• The solution should correlate network anomalies with potential threats, aiding in early threat detection.
• The vendor is expected to deliver reports at periodic intervals as per Client's requirements.
• The vendor should re-deploy the agent as and when there is a change in the infrastructure or the operating systems.

Knowledge and Attributes:

• Ability to communicate and work across different cultures and social groups.
• Ability to plan activities and projects well in advance, and takes into account possible changing circumstances.
• Ability to maintain a positive outlook at work.
• Ability to work well in a pressurized environment.
• Ability to work hard and put in longer hours when it is necessary.
• Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
• Ability to adapt to changing circumstances.
• Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.

Academic Qualifications and Certifications:

• Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience).
• CEH certification is must.

Required Experience:

• Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization.
• Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.).
• Working knowledge of ITIL processes.

Workplace type:

On-site Working

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Accelerate your career with us. Apply today

---