Senior Cyber Security Engineer

Senior Cyber Security Engineer - Managed Serices

Manage and action security incidents through to resolution. Support a variety of top Australian organisations. Permanent role.

Cyber Security Engineer - Level 3

Join our growing global NTT team and you’ll be part of the world’s largest ICT company (by revenue). We’ve combined the capabilities of 28 remarkable companies to become one, leading technology services provider. Together, we help our people, clients, and communities do great things with technology to create a more secure and connected future. We employ 40,000 people across 57 countries. By bringing together the world’s best technology companies and emerging innovators, we work together to deliver sustainable outcomes to businesses and the world. Innovation is part of our DNA. We believe it’s key to what makes us different. So, we strive to move forward, challenge the status quo, and drive excellence through the technologies we integrate and the services we deliver around the world. The result is connected cities, connected factories, connected healthcare, connected agriculture, connected conservation, connected mobility, and connected sport. Together we enable the connected future.

Want to be a part of our team?

NTT is looking for a Level 3 Cyber Security Engineer to join our managed services team in a permanent position. This person can be located in either Sydney or Melbourne.

This resource will be part of NTT's Cyber Security Incident Response (CSIR) team. The CSIR team is essential in providing an orchestrated and rapid security incident response capability with an oversight of security incident response across wider NTT Managed Security Services clients. The CSIR team utilise various security technologies to identify alerts, prioritize and investigate security issues in a fast-paced environment maintain the level of communication with internal and client stakeholders.

Working at NTT

As a Level 3 CSIR Engineer, the typical day can vary greatly depending on the specific position. They may begin their day by looking over dashboards, reports from the previous day or shift, including checking for any new threats and identifying malware that may have infiltrated the system. They would also prepare for and respond to system breaches or attacks. These processes might differ between Clients, but they generally include responding to hacks or network insecurities and working to prevent new ones.

You will also be required to participate in a shift roster which may comprise of shifts business hours and after hours, between 7am and 7pm.

Tasks and responsibilities:

• Accept, manage, and update service requests to ensure contracted Service Level Agreements are met.
• Provide remote technical support and Escalations within Managed Services’ ITIL aligned service delivery processes including Incident Management, Problem Management, Configuration Management, Change Management and Release Management.
• Manage, own and co-ordinate the technical resolution of incidents either remotely or onsite utilising Field Engineering resources.
• Action P1 or Major incident escalation right away.
• Plan, coordinate and implement complex network changes within customer specified change windows, adhering to a predefined ITIL change management framework. This will include liaising with the customer, third party suppliers, vendors and partners to ensure minimal disruption to the customer’s day-to-day business operations, and the provision of a seamless, coordinated delivery of services.
• Plan, coordinate and execute release management activities within customer specified change windows, adhering to a predefined ITIL release management framework.
• Plan, coordinate and execute configuration management activities within customer specified change windows, adhering to a predefined ITIL configuration management framework plan.
• Identify Known Errors and document these within the Known Errors Database.
• Maintain detailed knowledge of the clients’ environment(s), where applicable, by maintaining and updating relevant documentation such as Network Diagrams, Configuration Databases along with the process and procedural documentation.
• Provide proactive, constant and clear communication on the status of incident/problem resolution between the client, NTT, and any other 3rd party supplier and vendors.
• Escalate issues affecting the delivery of service to management.

What will make you a good fit for the role?

Skills and Technical Experience:

• Strong experience in a technical support environment working with Firewall - Cisco FTD, Palo Alto, Juniper, Checkpoint, Proxy - Palo Alto Prisma/ SASE BlueCoat, Zscalar and F5 security products.
• Experience in Security Incident management and response, with hands-on exp on SIEM tools mainly Splunk
• Experience in Cyber Security operations involving Security alert triage, threat hunting, vulnerability assessment.
• Palo Alto Security Certification like PCNSE, PCNSA will be highly regarded
• Cisco CCNP/CCIE Security certified with good working experience in supporting Cisco ASA, FTD/IPS, ISE, AnyConnect VPN.
• Strong knowledge to support, maintain and troubleshoot any incident and request on Cisco ASA/Firepower/FTD, Cisco ISE, Juniper SRX in the complex enterprise environment.
• Strong knowledge to support, maintenance and troubleshoot any incident and request on Cisco ASA/Firepower/FTD, Cisco ISE, Juniper SRX in a complex enterprise environment.
• Experience in supporting Web gateway technology from Palo Alto Prisma, Zscaler ZIA, Netskope, Symantec bluecoat web gateway.
• Experience in supporting and strong knowledge on VPN technologies from Cisco Any Connect and Zscaler ZPA. • Experience in managing Compliance management tools like AlgoSec Firemon, Skybox, Tufin.
• Good knowledge of routing and switching protocols
• Ability to lead the technical investigation, speak to the client in the incident discussion, clearly articulate the problem/incident statement and technical details.
• Experience in managing large customers with multiple data centres and sites.
• Strong team player, collaborates with teammates and contributes towards team success.
• A visa that allows you to work in either Sydney or Melbourne, Australia

Desirable skills and Technical Experience:

• Zscaler certifications and experience.
• Security Tools for AlgoSec, and SIEM solutions Splunk, RSA envision.
• Vulnerability Management tools like Tenable and Qualys.
• Experience in managing Compliance management tools like Firemon, Skybox, AlgoSec.
• Juniper SRX certification
• Scripting skills with good command of Python.
• Experience in supporting Splunk Log search head, running query.
• Knowledge of Mitre framework.