NTT DATA is one of the world’s largest Global Security services providers with over 7500 Security SMEs and Integration partner to many of the worlds most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure. This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys. What you will be doing; • The primary function of the SOC Analyst (L1) is to analyse any incidents and undertake the detailed investigation of the Security Event. The role is a ‘hands-on’ shift-based roles, working as part of a 24/7 operation working in a standard rotation shift pattern. They are responsible for utilising the SOC’s SIEM and SOAR toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks. Main Duties • Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks / security incidents. • Categorise all suspected incidents in line with the Security Incident policy • Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information. • Write up high quality security incident tickets using a combination of existing knowledge resources and independent research. • Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks. • Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review. • Understand Threat Intelligence and its use in an operational environment • Threat Hunting and the ability to look for attacks that may not have been captured • Support incident response to national scale incidents in a coaching capacity • Support in the development and implementation of SOC Use Cases • Work with other teams within NTT DATA to improve services on the basis of customer needs • Preparing disaster recovery plans. What youll bring; • Willingness to work in a job that involves 24/7 operations onsite in Birmingham, this will probably be 4 days on, 4 days off. • Preferably be able to obtain SC Clearance or already hold SC clearance. • Strong verbal and written English communication. • Strong interpersonal and presentation skills. • Strong analytical skills • Must have expertise on TCP/IP network traffic and event log analysis. • Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool). • Must have administrative skills in several operating systems, such as Windows, OS X, and Linux • Must be proficient in basic shell scripting, creating Snort rules, or other log-searching query languages and methods. • Must be confident to handle common security incidents independently. • Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) • Knowledge of ITIL disciplines such as Incident, Problem and Change Management. • Ability to work with minimal levels of supervision. Education Requirements & Experience • Minimum of 2 to 3 years of experience in the IT security industry, preferably working in a SOC/NOC environment. • Preferably holds Cyber Security Certification e.g. ISC2 CC, EPQ • Experience with Cloud platforms (AWS and/or Microsoft Azure) • Excellent knowledge of Microsoft Office products, especially Excel and Word Reports to • Security Director – NTT DATA UK Security Practice • Client Delivery Director – NTT DATA UK Managed Services