The team you'll be working with:
Senior SOC Analyst
We are currently recruiting for a Senior SOC Analyst to join our growing Security Operations Centre business.
This role will be hybrid, with variable on-site attendance in Glasgow.
About Us
NTT DATA is one of the world’s largest Global Security services providers with over 7,500 Security SMEs and an integration partner to many of the world’s most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients, and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.
What you'll be doing
Profile
The primary function of the Senior Incident Responder - SOC Analyst is to manage incidents escalated by SOC Analysts (L1 & L2) and undertake detailed investigations of security events. They will review evidence, support clients on containment and remediation, and provide root cause analysis, liaising with customers and the Service Delivery Manager to ensure best practices are followed.
Job Duties
1. Security Monitoring & Investigation:
  * Monitor SIEM tools to ensure high security operations delivery.
  * Oversee and enhance security monitoring systems for incident detection and analysis.
  * Conduct real-time analysis, escalate as necessary, and support investigations to determine root cause and impact.
  * Document findings and lessons learned to improve incident response procedures.
  * Ensure runbooks are followed and are fit for purpose.
2. Incident Response:
  * Perform malware analysis to determine behaviour, IOCs, and impact.
  * Reverse engineer malware samples and develop detection signatures.
  * Follow chain-of-custody procedures during evidence handling.
  * Lead incident response activities to contain, eradicate, and recover from security incidents.
  * Manage escalation and support handover to Forensics and law enforcement.
3. Threat Intelligence:
  * Stay updated on cybersecurity threats and vulnerabilities.
  * Contribute to threat intelligence feeds for proactive detection.
4. Security Tool Management:
  * Manage and optimise SIEM tools, ensuring proper configuration and updates.
  * Develop and implement SOC Use Cases.
  * Evaluate new security technologies and recommend enhancements.
5. Collaboration:
  * Work with IT, legal, management, and technical teams to address incidents and monitor services.
  * Provide guidance to other analysts.
6. Documentation:
  * Maintain accurate security procedures, incident response plans, and reports.
  * Create post-incident reports and monthly reports as required.
  * Document event and incident management processes, runbooks, and playbooks.
7. Other responsibilities:
  * Assist in scoping and establishing new solutions.
  * Support Pre-Sales with requirements for new opportunities.
  * Demonstrate SOC tools to clients.
  * Provide recommendations for continuous service improvement.
What experience you'll bring
* Ability to obtain or hold SC Clearance.
* Understanding of Incident Response approaches.
* Hands-on experience with Splunk, QRadar, Microsoft Sentinel, or similar SIEM tools.
* Strong communication skills in English.
* Interpersonal and presentation skills.
* Analytical skills and understanding of network traffic flows.
* Knowledge of Vulnerability Scanning, Ethical Hacking, and DFIR principles.
* Ability to reverse engineer attacks.
* Knowledge of ITIL disciplines.
* Ability to work independently and in 24/7 operational environments.
Education & Experience
* 3-5 years in IT security, preferably in SOC/NOC.
* Cyber Security certifications (e.g., CISSP, GIAC, SC-200) preferred.
* Experience with Cloud platforms (AWS, Azure).
* Proficient in Microsoft Office, especially Excel and Word.
Reporting lines
Reports to:
* Security Director – NTT DATA UK Security Practice
* Client Delivery Director – NTT DATA UK Managed Services