We are currently recruiting a Senior SOC Analyst L3 - Managed Detection and Response to join our growing Security Operations Centre business.
This role will be based onsite in Birmingham, and you will need to be willing to work in shift patterns, probably 4 days on, 4 days off, as this is a 24/7 security operations centre.
About Us
NTT DATA is one of the world’s largest global security services providers, with over 7,500 security SMEs, and an integration partner to many of the world’s most recognized security technology providers. We aim to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients, and communities to enable them to fulfill their potential and do great things. We believe that by bringing everyone together, we can solve problems using innovative technology to create a sustainable and secure world.
This is a great opportunity for you to play a pivotal role in helping to shape our clients' transformation journeys.
What you'll be doing:
Key Responsibilities:
* Manage incidents escalated by SOC Analysts (L1 & L2), conducting detailed investigations of security events.
* Support clients with appropriate actions to contain and remediate security incidents, providing root cause analysis.
* Liaise with customers and the Service Delivery Manager, ensuring best practices are followed by SOC Analysts.
Job Duties:
* Monitor and investigate security events using SIEM tools, ensuring high-quality security operations.
* Oversee and enhance security monitoring systems to detect and analyze potential incidents.
* Conduct real-time analysis, escalate as necessary, and support investigations into incidents.
* Document findings, lessons learned, and ensure runbooks are up-to-date and fit for purpose.
* Lead incident response activities, develop and maintain incident response plans, and manage escalations.
* Stay informed about cybersecurity threats, contribute to threat intelligence feeds, and proactively hunt for threats.
* Fine-tune detection rules, analyze threat intelligence, and collaborate with SOC teams to improve detection mechanisms.
* Generate reports on threats, attack trends, and security posture improvements.
* Manage and optimize SIEM tools, evaluate new security technologies, and recommend enhancements.
* Collaborate with cross-functional teams to address incidents and implement preventive measures.
* Maintain accurate documentation of security procedures, incident reports, and analysis reports.
* Participate in scoping and standing up new solutions, assist pre-sales, and demonstrate SOC tools to clients.
Experience Required:
What experience you'll bring:
* Ability to obtain or hold SC clearance.
* Experience with incident response approaches and SIEM tools like Microsoft Sentinel.
* Strong analytical, interpersonal, and presentation skills.
* Understanding of network traffic, vulnerability management, ethical hacking, and forensic techniques.
* Knowledge of ITIL disciplines and security analytics & automation tools.
* Willingness to work in 24/7 operations or on-call roles.
Education & Experience:
* 3-5 years in IT security, preferably in a SOC/NOC environment.
* Cybersecurity certifications such as CISSP, GIAC, SC-200, or Certified SOC Analyst.
* Experience with cloud platforms like AWS and Azure.
Who we are:
We’re a global business that empowers local teams, undertaking exciting work that is changing the world. Our portfolio includes consulting, cloud, infrastructure, and more, offering opportunities to achieve great things with talented colleagues and clients.
We foster an inclusive environment that promotes mutual respect, accountability, and continuous learning, supporting diversity through various inclusion networks and tailored benefits. We are committed to creating a diverse and inclusive workforce, guaranteeing interviews for applicants with disabilities who meet role requirements and offering reasonable adjustments during recruitment.