Security Quality Analyst

extra holidays - extra parental leave
Remote: Full Remote

Offer summary

Qualifications:

  • Proficiency in Security Information and Event Management (SIEM) platforms.
  • Strong understanding of cybersecurity principles and best practices.
  • Experience in threat detection, analysis, and mitigation.
  • Excellent analytical and problem-solving skills.

Key responsibilities:

  • Monitor and identify emerging threats to stay ahead of potential security risks.
  • Perform proactive threat hunting activities within the SIEM platform.
  • Develop and maintain comprehensive playbooks for identified threats.
  • Generate detailed reports on threat hunting activities for service management.

GTT Large http://www.gtt.net
1001 - 5000 Employees

Job description

About GTT

GTT provides secure global connectivity, improving network performance and agility for your people, places, applications, and clouds. We operate a global Tier 1 internet network and provide a comprehensive suite of cloud networking and managed solutions that utilize advanced software-defined networking and security technologies.

We serve thousands of businesses with a portfolio that includes SD-WAN and other WAN services, internet, security, and voice services. Our customers benefit from a customer-first service experience underpinned by our commitment to operational excellence. For more information on GTT, please visit www.gtt.net.

Role Summary

The CSOC team at GTT focuses on providing SIEM, secure hosting and network services that meet and exceed government and certification body standards. The team work closely with our high value customer base to deliver a wide range of services including Security Incident & Event management, Secure Networking and Secure Hosting.

Your responsibilities will be to monitor and identify emerging threats, perform proactive threat hunting in the SIEM platform, and develop comprehensive playbooks for effective threat response. There will be a key requirement to collaborate with customers to identify use cases and deploy security measures, train security analysts on new alarms and playbooks, and generate detailed reports for service management. You will need to conduct regular quality checks on security investigations and report findings to senior management, and actively participate in customer meetings to provide insights and support.

Duties and Responsibilities

  • Perform Regular Quality Checks on Security Investigations: Conduct regular quality checks on performed security investigations and report findings to senior management.
  • Identify Emerging Threats: Continuously monitor and identify new and emerging threats to stay ahead of potential security risks.
  • Threat Hunt in SIEM Platform: Perform proactive threat hunting activities within the SIEM platform to enhance threat detection capabilities.
  • Build Out Playbooks for Threats: Develop and maintain comprehensive playbooks for identified threats to ensure consistent and effective response procedures.
  • Work with Customers to Identify Potential Use Cases and Deploy: Collaborate with customers to identify potential use cases and deploy appropriate security measures.
  • Train Security Analysts on New Alarms and Playbooks: Provide ongoing training to security analysts on new alarms and playbooks to ensure they are well-prepared to handle emerging threats.
  • Provide Reporting to Service Management for Customer Meetings: Generate detailed reports on threat hunting activities and provide these to service management for customer meetings. Support these meetings as needed.
  • Support Customer Meetings: Actively participate in customer meetings to provide insights and support based on threat hunting and security operations activities.

Required Experience/Qualifications

  • Proficiency in Security Information and Event Management (SIEM) platforms. Demonstrated experience in analysing and responding to security incidents.
  • Strong understanding of cybersecurity principles and best practices.
  • Experience in threat detection, analysis, and mitigation.
  • Familiarity with incident response procedures and playbooks.
  • Excellent analytical and problem-solving skills.
  • Strong communication skills to collaborate effectively with stakeholders and customers.
  • Relevant security qualifications are a plus.

Hours/Travel/Shift

  • Normal working hours; occasional extended hours may be required during critical incidents and platform upgrades. Travel required; SC clearance will be required.

Required profile

Spoken language(s):
English

Other Skills

  • Communication
  • Collaboration
  • Problem Solving
  • Analytical Skills