The team you'll be working with:
SOC Analyst (L2)
We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business.
This role will be based on-site in Birmingham, so candidates must be able to work in a 24/7 operation, likely on a shift pattern of 4 days on, 4 days off.
About Us
NTT DATA is one of the world's largest Global Security services providers with over 7,500 Security SMEs and an integration partner to many of the world's most recognized Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients, and communities to enable them to fulfill their potential and do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a sustainable and secure world.
This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.
What you'll be doing:
* The primary function of the SOC Analyst (L2) is to analyze incidents escalated by the SOC Analyst (L1) and undertake detailed investigations of security events. The Security Analyst (L2) will determine whether a security event should be classified as an incident. They will coordinate with the customer’s IT and Security teams for resolution of the security incident.
Main Duties
* Security Monitoring & Investigation:
  * Monitor SIEM tools to ensure high levels of security operations delivery.
  * Oversee and enhance security monitoring systems to detect and analyze potential security incidents.
  * Conduct real-time analysis of security events and escalate as necessary.
  * Support other teams in investigations, determining root cause and impact.
  * Document findings and lessons learned to improve incident response procedures.
  * Ensure runbooks are followed and are fit for purpose.
* Incident Response:
  * Lead and coordinate incident response activities to contain, eradicate, and recover from security incidents.
  * Develop and maintain incident response plans aligned with industry best practices.
  * Manage escalations during security incidents.
  * Follow major incident processes.
* Threat Intelligence:
  * Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes.
  * Contribute to threat intelligence feeds to enhance proactive detection.
* Security Tool Management:
  * Manage and optimize SIEM tools, ensuring proper configuration and updates.
  * Develop and implement SOC use cases.
  * Evaluate new security technologies and recommend enhancements.
* Collaboration:
  * Work with cross-functional teams including IT, legal, and management to address incidents and implement preventive measures.
  * Provide guidance to other analysts.
  * Ensure monitoring of new and changed services.
* Documentation:
  * Maintain accurate documentation of procedures, incident reports, and analysis.
  * Create post-incident reports for management.
  * Support monthly reporting as per contractual requirements.
  * Create event and incident management processes, runbooks, and playbooks.
* Other responsibilities:
  * Participate in scoping and deploying new solutions.
  * Assist Pre-Sales with requirements for new opportunities.
  * Demonstrate SOC tools to clients.
  * Propose continual service improvements.
What experience you'll bring:
* Must be able to obtain or already hold SC Clearance.
* Good understanding of Incident Response approaches.
* Hands-on experience with Microsoft Sentinel or similar SIEM tools.
* Strong verbal and written English communication skills.
* Interpersonal and presentation skills.
* Analytical skills.
* Understanding of network traffic and activities.
* Knowledge of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing).
* Ability to learn forensic techniques and reverse engineer attacks.
* Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
* Ability to work independently.
* Willingness to work in a 24/7 operational environment or on-call.
Education & Experience
* Minimum 3-5 years in IT security, preferably in a SOC/NOC environment.
* Cyber Security Certifications such as GIAC, ISC2, or SC-200 preferred.
* Experience with Cloud platforms (AWS and/or Microsoft Azure).
* Proficiency with Microsoft Office, especially Excel and Word.
Reports to
* Security Director – NTT DATA UK Security Practice
* Client Delivery Director – NTT DATA UK Managed Services
Who we are:
We are a global business empowering local teams, working on impactful projects that change the world. Our services span consulting, applications, cloud, and infrastructure, providing opportunities for growth and innovation.
Our inclusive environment promotes mutual respect, accountability, and continuous learning. We value diversity and have various Inclusion Networks such as Women's, Cultural & Ethnicity, LGBTQ+ & Allies, Neurodiversity, and Parent Networks.
For more on our Diversity, Equity, and Inclusion initiatives, click here: Creating Inclusion Together at NTT DATA UK | NTT DATA
What we'll offer you:
We provide benefits supporting your wellbeing and opportunities for growth through continuous learning. Flexible work options are available.
More about NTT DATA UK & Ireland: https://uk.nttdata.com/
We are committed to diversity and inclusion, including being a Disability Confident Employer. We guarantee an interview for applicants with disabilities who meet the role's minimum requirements and request reasonable adjustments during recruitment.