Security Specialist

Req ID: 115041

NTT DATA Services strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Security Specialist to join our team in TORONTO, Ontario (CA-ON), Canada (CA).

• Summary of Essential Job Functions:
  • Providing first-line response and initial management of any new or developing cybersecurity-related issues
  • Enhanced level triage and assessment of security events to determine the risk to the business.
  • Utilizing "kill chain" methodologies, effectively determine risk prioritized response, investigate security events, and make clear recommendations on mitigation.
  • Review and interpret alerts, events, and system alarms using SIEM, other tools, behavioral analytics, and network analysis while providing evolved emergency response services, incident management and analysis.
  • Respond to service provider network attacks affecting critical network infrastructure and the cloud environments.
  • Produce detailed incident reports and technical briefs on security incidents.
  • Participate and contribute to post incidents reviews and documentation.
  • Identify and report on threat intelligence from external & internal resources and use to apply risk-based assessments.
  • Investigation of security events to determine root cause.
  • Tracking and reporting of events and investigations.
  • Contribute to security projects, meetings, and ad-hoc requests.
• Required Skills and Experience:
  • 1-3 years + applied technical experience.
  • Expertise in Kill Chain Methodology & Cyber Threat Intelligence Framework is an asset.
  • Experience with forensic tools and methodologies is required
  • Scripting (Powershell, Bash, Perl, Python) knowledge/experience a bonus.
  • Experience with SPLUNK, Windows Defender tooling - for endpoint, for O365
  • Direct experience with developing security metrics, KRIs and KPIs for leadership team.
  • Strong knowledge of Clouds, Service provider/ Telecom infrastructure, virtual environments, web applications and APIs
  • Working knowledge of TCP/IP networking, including routing and common ports/protocols.
  • Proficiency with large data manipulation tools ie, Excel, DBs, Open Source, and Linux tool
  • Demonstrated relevant experience as a key member of threat intel, incident response, malware analysis, or similar role.
  • Strong knowledge of malware families and network attack vectors.
  • Strong knowledge of Linux, Windows system internals
  • Self-motivated individual with a 'will do' attitude and a strong desire for continuous process improvement.
  • Proven ability to work in a stressful or crisis situation.
  • Ability to drive things, work well both independently and in a team environment.
  • Ability to clearly articulate risk & findings to internal clients both verbally and in written form.
  • Excellent communication, presentation, and relationship skills.
  • Strong organizational, time management, and multi-tasking skills.
  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification is good to have.
  • Undergraduate degree in computer science, engineering, information science, or a related technical discipline.