• Monitor, manage, and administer IT Security specific technical control solutions (e.g. Content filtering, IDS/IPS, Firewall, End point protection, etc..) • Monitor and respond to information security issues related to the systems and workflow to ensure security policies and procedures are enforced. • Administer and monitor security profiles, review security violation reports, and investigate possible security exceptions. • Coordinate response to information security incidents. • Collaborate with IT management, legal, compliance and other applicable teams to manage vulnerability exposures. • Assist in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). • Create, manage and maintain user security awareness. • Conduct security research in keeping abreast of latest security issues. • Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness.

Coordinate and oversee security, safety, and risk management activities in public spaces. Engage with stakeholders, monitor compliance, and respond to incidents to ensure safe operations during events and high-traffic activities.

• Responsible and accountable for analyzing security alerts, events, and trends to communicate the value of NuHarbor services. • Conduct investigations to provide actionable, context relevant, escalations to clients. • Provide analysis and interpretation of vulnerability scans and assessments. • Ensure client facing and internal escalations are serviced in a timely fashion. • Identify and communicate security gaps and potential mitigations. • Identify and scope opportunities for improvements in efficiency, quality, maturity, and capabilities. • Maintain current certifications and training relevant to their role as defined in the NuHarbor Career Course Toolkit. • Develop, implement, and improve documentation and operational processes. • Ensure reports are generated to standard and on-schedule. • Perform threat hunting in client environments. • Proactively identify and communicate internal and client risks. • Perform intelligence gathering and analysis to influence technical control development, client security program maturity, and client attack surface defense. • Continually research the cyber industry to stay up to date on current threats, threat actor’s tactics and techniques, and emerging vulnerabilities.

Job Title: Security Analyst Location: UK remote with travel as and when required Shift Pattern: 24/7 shift rota Grow Your Career with GTT! Join GTT to be part of a global mission to simply and securely connect people and data through innovative, AI-driven solutions. We empower curious, adaptive professionals to take ownership of their work, offering a culture where your ideas have a visible, real-world reach. If you are energized by complex challenges and a supportive team that lifts each other up, GTT is the place to build a rewarding career. Role Summary: The CSOC team at GTT specializes in providing Managed Detection and Response (MDR) services that meet and exceed government and certification body standards. Collaborating closely with our high-value customer base, the team delivers a wide range of security services, including Security Incident & Event Management, ensuring top-notch protection and peace of mind for our clients. The GTT SIEM platform is essential for identifying customer security incidents. One of the primary tasks of our security analysts is to deeply analyse the outputs of the SIEM environment and guide our customers toward effective remediation actions, successfully mitigating risks to their corporate and hosted environments Duties and Responsibilities: - Providing analysis of SIEM alerts leading to enhanced customer security - Work with customers to enhance security incident response procedures - Enhance internal investigation process and identify additional toolsets required for rapid incident turnaround - Be part of a 24/7 customer support team providing first level diagnosis for our hosting and network customers. - Identifying improvements and advising on best practice. - Manage 3rd party vendor support as required. - Adhere to team processes and the direction of the team - Work with Senior analysts / engineers to implement platform optimizations and tuning through structured change process - Perform upgrades to SIEM environment from operating system to application to ensure highest level of platform security Required Experience/Qualifications: - Proficiency in Security Information and Event Management (SIEM) platforms, particularly Splunk. - Demonstrated experience in analysing and responding to security incidents. - Strong understanding of cybersecurity principles and best practices. - Experience in threat detection, analysis, and mitigation. - Familiarity with incident response procedures and playbooks. - Excellent analytical and problem-solving skills. - Strong communication skills to collaborate effectively with stakeholders and customers. - Relevant security qualifications are a plus Hours/Travel/Shift: - Varied shift hours: Occasional extended hours may be required during critical incidents and platform upgrades. SC clearance will be required. Core Competencies - Accuracy and Attention to Detail: Understanding the necessity and value of accuracy; ability to complete tasks with high levels of precision. - Managing Multiple Priorities: Knowledge of effective self-management practices; ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation. - Problem Solving: Knowledge of approaches, tools, and techniques for recognizing, anticipating, and resolving organizational, operational, or process problems; ability to apply knowledge of problem-solving appropriately to diverse situations. - Root Cause Analysis: Knowledge of the concepts, principles, and techniques of root cause analysis (RCA); ability to use a structured approach to identify the underlying causes of problems in a particular environment and the changes needed to prevent recurrences. - Cybersecurity Practices: Understanding of cybersecurity principles, protocols, and best practices; ability to apply security measures to protect network and data assets. - IP Technologies and Protocols: Basic theoretical knowledge of IP technologies and protocols. Our Commitments: Commitments drive the speed and relevance required to transform our culture and deliver extraordinary value to our customers. By embracing these commitments together, we create a thriving environment where we lift each other up and achieve mutual success. - Adaptive Mindset: We meet change head-on to build the capabilities we need now. We take personal ownership of our professional development to keep pace with change and actively drive it. - Collective Impact: We treat innovation as a team sport, working powerfully together to create extraordinary impact. We collaborate openly and with a shared purpose and amplify our unique human strengths to solve complex challenges that technology alone cannot. - Customer Ownership: We own our customers’ success, whether an internal stakeholder or an external client. We take full accountability, anticipate their needs and create smooth experiences to build trust with every touchpoint. In an automated world, personal ownership is GTT’s competitive edge. #LI-RD1 #LI-Remote