Security Analyst

Job Title: Security Analyst

Location: UK remote with travel as and when required

Shift Pattern: 24/7 shift rota

About GTT:

GTT is a leading networking and security as a service provider for multinational organizations, simply and securely connecting people and machines to data and applications – anywhere in the world. We serve thousands of organizations, bringing together the right people, partners and technology to reduce the burden on IT teams and solve the most pressing networking and security challenges.

Built on our top-ranked global Tier 1 network, GTT Envision is a single global technology platform to connect, orchestrate, virtualize and automate enterprise networks, enabling customers with consumable solutions to achieve business missions and meet ongoing demand when, where and how needed. Our portfolio includes SASE, SD-WAN, security, internet, voice and other connectivity options, complemented by a suite of professional services and exceptional sales and support teams in local markets around the globe. We partner with our customers to deliver Greater Technology Together. For more information, please visit

Role Summary:

The CSOC team at GTT specializes in providing Managed Detection and Response (MDR) services that meet and exceed government and certification body standards. Collaborating closely with our high-value customer base, the team delivers a wide range of security services, including Security Incident & Event Management, ensuring top-notch protection and peace of mind for our clients.

The GTT SIEM platform is essential for identifying customer security incidents. One of the primary tasks of our security analysts is to deeply analyse the outputs of the SIEM environment and guide our customers toward effective remediation actions, successfully mitigating risks to their corporate and hosted environments

Duties and Responsibilities:

• Providing analysis of SIEM alerts leading to enhanced customer security
• Work with customers to enhance security incident response procedures
• Enhance internal investigation process and identify additional toolsets required for rapid incident turnaround
• Be part of a 24/7 customer support team providing first level diagnosis for our hosting and network customers.
• Identifying improvements and advising on best practice.
• Manage 3rd party vendor support as required.
• Adhere to team processes and the direction of the team
• Work with Senior analysts / engineers to implement platform optimizations and tuning through structured change process
• Perform upgrades to SIEM environment from operating system to application to ensure highest level of platform security

Required Experience/Qualifications:

• Proficiency in Security Information and Event Management (SIEM) platforms particularly Splunk.
• Demonstrated experience in analysing and responding to security incidents.
• Strong understanding of cybersecurity principles and best practices.
• Experience in threat detection, analysis, and mitigation.
• Familiarity with incident response procedures and playbooks.
• Excellent analytical and problem-solving skills.
• Strong communication skills to collaborate effectively with stakeholders and customers.
• Relevant security qualifications are a plus

Hours/Travel/Shift:

• Varied shift hours: Occasional extended hours may be required during critical incidents and platform upgrades. Travel required; SC clearance will be required.

Core Competencies

• Accuracy and Attention to Detail: Understanding the necessity and value of accuracy; ability to complete tasks with high levels of precision.
• Managing Multiple Priorities: Knowledge of effective self-management practices; ability to manage multiple concurrent objectives, projects, groups, or activities, making effective judgments as to prioritizing and time allocation.
• Problem Solving: Knowledge of approaches, tools, and techniques for recognizing, anticipating, and resolving organizational, operational, or process problems; ability to apply knowledge of problem-solving appropriately to diverse situations.
• Root Cause Analysis: Knowledge of the concepts, principles, and techniques of root cause analysis (RCA); ability to use a structured approach to identify the underlying causes of problems in a particular environment and the changes needed to prevent recurrences.
• Cybersecurity Practices: Understanding of cybersecurity principles, protocols, and best practices; ability to apply security measures to protect network and data assets.
• IP Technologies and Protocols: Basic theoretical knowledge of IP technologies and protocols.

Universal Competencies

• Continuous Improvement: Expertise in driving transformation initiatives that lead to significant changes, enhancing responsiveness and efficiency in core business practices. Ability to foster a results-oriented culture from a best-effort mindset.
• Customer-Centric Approach: Proficiency in creating a customer-focused environment, promoting accountability, collaboration, and partnership. Capability to cultivate a culture that prioritizes customer value creation at every level of the organization.
• Operational Excellence: Knowledge of system-driven processes to ensure consistency and scalability. Ability to re-engineer processes and systems to shift from integration activities to maximizing positive customer impact while anticipating future trends.

EEO Statement

GTT provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability, or genetics. In addition to federal law requirements, GTT complies with applicable state and local laws governing non-discrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.

GTT expressly prohibits any form of workplace harassment based on race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, or veteran status. Improper interference with the ability of GTT's employees to perform their job duties may result in discipline up to and including discharge.

#LI-RD1 #LI-Remote