EDR Analyst - L1

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Security Managed Services Engineer (L1) is an entry level engineering role, responsible for providing a managed service to clients to ensure that their Firewall infrastructure remain operational through proactively identifying, investigating, and routing the incidents to correct resolver group.
The primary objective of this role is to ensure zero missed service level agreement (SLA) conditions and focuses on first-line support for standard and low complexity incidents and service requests.
The Security Managed Services Engineer (L1) may also contribute to / support on project work as and when required.

What you'll be doing

Key Responsibilities:

• Candidate Should have min 3+ years into EDR.
• Strong hands-on experience with Trend Micro.
• Assess the existing endpoint security infrastructure and identify any gaps or vulnerabilities.
• Should deploy EDR agents on endpoints, servers, and critical systems within the organization's network.
• Should configure EDR agents to collect and analyze security events and activities on endpoints.
• Should monitor endpoints for suspicious activities, such as malware infections, unauthorized access attempts, and unusual user behavior.
• Use behavioral analysis and machine learning to detect advanced threats and zero-day attacks.
• Generate real-time alerts for potential security incidents and provide guidance for incident response and remediation.
• Enable endpoint forensics capabilities to investigate security incidents and identify the root cause of attacks.
• Capture and store detailed endpoint activity logs and artifacts for further analysis.
• Integrate the tool with vulnerability management systems to assess the endpoint's security posture.
• EDR solution should be able to rollout patches or upgrades from the EDR management console for agents onboarded on the platforms.
• Alert and remediate endpoints with outdated or vulnerable software configurations.
• Provide real-time alerts for anomalies that could indicate potential threats.
• Ensure the compatibility with other security systems, such as (but not limited to) SIEM, incident response tools, etc.
• Correlate network anomalies with potential threats, aiding in early threat detection.
• Expected to deliver reports at periodic intervals as per Company’s requirements.
• Re-deploy the agent as and when there is a change in the infrastructure or the operating systems.
• Work of EDR would encompass technical specifications as provided in Annexure F.
• Ensure the proposed EDR solution is capable of coexisting with the currently implemented Antivirus solution in Organization until its end of validity.

Knowledge and Attributes:

• Ability to communicate and work across different cultures and social groups.
• Ability to plan activities and projects well in advance, and takes into account possible changing circumstances.
• Ability to maintain a positive outlook at work.
• Ability to work well in a pressurized environment.
• Ability to work hard and put in longer hours when it is necessary.
• Ability to apply active listening techniques such as paraphrasing the message to confirm understanding, probing for further relevant information, and refraining from interrupting.
• Ability to adapt to changing circumstances.
• Ability to place clients at the forefront of all interactions, understanding their requirements, and creating a positive client experience throughout the total client journey.

Academic Qualifications and Certifications:

• Bachelor's degree or equivalent qualification in IT/Computing (or demonstrated equivalent work experience).
• CEH certification is must.

Required Experience:

• Entry-level experience with troubleshooting and providing the support required in security / network/ data center/ systems/ storage administration and monitoring Services within a medium to large ICT organization.
• Basic knowledge of management agents, redundancy concepts, and products within the supported technical domain (such as Security, Network, Data Centre, Telephony, etc.).
• Working knowledge of ITIL processes.

Workplace type:

On-site Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.