Cyber Defence Expert Analyst

Who We Are

Our mission is to protect and empower organizations through cutting-edge Managed Detection and Response (MDR) solutions, deep technical expertise, and a client-first mindset.

What You'll Be Doing

• Client-facing and internal communication
• Building strong, meaningful “trusted advisor” relationships with clients on behalf of NTT DATA Europe & Latam
• Support in detection, response, mitigation, and reporting of cybersecurity threats within customer environment
• Develop and optimize detections and automations in Cybersecurity MDR solutions
• Design and improve Cybersecurity processes, procedures, and trainings
• Act as Subject Matter Expert (SME) in Cybersecurity, with a strong operational focus on MDR solutions
• Act as main Cybersecurity Advisor for one or more customers
• Confer expertise in areas of Network/Perimeter/Cloud Security, SecOps, Threat Intelligence and Detection capabilities
• Propose recommendations for enhancing the customer’s IT security posture
• Staying updated with the latest security trends and technologies to adapt strategies accordingly

What You'll Bring Along

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity or related field
• Minimum 5-7 years of experience in IT Cybersecurity
• Proficient handling of specific tools like EDRs, SIEMs and network devices such as firewalls, IDS/IPS
• Very good knowledge of Cloud Security solutions in Azure. Other Cloud variants can be a plus
• Knowledge of security models, industry best practices and generally accepted information security principles
• Hands-on experience with SIEM systems like Microsoft Sentinel, Palo Alto XSIAM, Splunk, etc
• Technical understanding of common Cloud IT systems such as EntraID, O365, AD, Exchange
• Understanding of cybersecurity domains such as network security, EDR, anomaly detection
• Understanding of MITRE ATT&CK Framework
• Ability to perform network traffic analysis and design use cases based on the findings
• Certifications such as SANS GCDA, SANS GCED are a significant advantage
• Certifications such as CISSP, CISM, GIAC are highly desirable
• Ability and desire to travel both domestically and internationally
• Flexible working hours and possible on-call rotation
• Proficiency in English is required. German language skills are a huge plus

Key skills/competency

• Managed Detection and Response (MDR)
• SIEM (Microsoft Sentinel, Splunk, XSIAM)
• EDR (Endpoint Detection and Response)
• Cloud Security (Azure, EntraID, O365)
• Threat Intelligence
• Incident Response
• Network Security (Firewalls, IDS/IPS)
• MITRE ATT&CK Framework
• Client Advisory
• Security Operations (SecOps)