The team you'll be working with:
SOC Analyst (L1)
We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business.
This role will be based on-site in Birmingham, and candidates must be able to work in a 24/7 operation, likely in shift patterns of 4 days on, 4 days off.
About Us
NTT DATA is one of the world’s largest Global Security services providers, with over 7,500 Security SMEs and as an integration partner to many of the world’s most recognized Security Technology providers. We aim to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we collaborate with our people, clients, and communities to enable them to fulfill their potential and achieve great things. We believe that by bringing everyone together, we can solve problems using innovative technology to create a sustainable and secure world.
This is a great opportunity for you to play a pivotal role in shaping our client’s transformation journeys.
What you'll be doing:
The primary function of the SOC Analyst (L1) is to analyze incidents and undertake detailed investigations of Security Events. This is a hands-on, shift-based role working as part of a 24/7 operation in a standard rotation shift pattern. Responsibilities include utilizing SOC’s SIEM and SOAR tools to detect and investigate potential security and service incidents within monitored networks.
Main Duties:
- Monitor, triage, analyze, and investigate alerts, log data, and network traffic using the Protective Monitoring platform and internet resources to identify cyber-attacks/security incidents.
- Categorize all suspected incidents according to the Security Incident policy.
- Recognize potential, successful, and unsuccessful intrusion attempts and compromises through reviews and analysis of relevant event details and incident summaries.
- Write high-quality security incident tickets using existing knowledge resources and independent research.
- Assist with remediation activities to inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks.
- Produce security incident review reports with recommendations for security improvements.
- Understand Threat Intelligence and its operational use.
- Conduct Threat Hunting to identify attacks that may not have been captured.
- Support incident response for national-scale incidents in a coaching capacity.
- Support development and implementation of SOC Use Cases.
- Collaborate with other teams within NTT DATA to improve services based on customer needs.
- Prepare disaster recovery plans.
What experience you'll bring:
- Willingness to work onsite in Birmingham in a 24/7 operation, likely in 4 days on, 4 days off shifts.
- Preferably able to obtain or already holding SC Clearance.
- Strong verbal and written English communication skills.
- Strong interpersonal and presentation skills.
- Strong analytical skills.
- Expertise in TCP/IP network traffic and event log analysis.
- Hands-on experience with Microsoft Sentinel or other SIEM tools.
- Administrative skills across Windows, OS X, and Linux.
- Proficiency in basic shell scripting, creating Snort rules, or other log-search query languages.
- Confidence to handle common security incidents independently.
- Good understanding of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing).
- Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
- Ability to work independently with minimal supervision.
Education & Experience:
- Minimum of 2-3 years in the IT security industry, preferably in a SOC/NOC environment.
- Preferably holds a Cyber Security Certification (e.g., ISC2 CC, EPQ).
- Experience with Cloud platforms (AWS and/or Microsoft Azure).
- Excellent knowledge of Microsoft Office, especially Excel and Word.
Reporting to:
- Security Director – NTT DATA UK Security Practice
- Client Delivery Director – NTT DATA UK Managed Services
#J-18808-Ljbffr