NTT DATA Glasgow, Scotland, United Kingdom
Join or sign in to find your next job
Join to apply for the Senior SOC Analyst role at NTT DATA
NTT DATA Glasgow, Scotland, United Kingdom
Join to apply for the Senior SOC Analyst role at NTT DATA
Direct message the job poster from NTT DATA
We are currently recruiting for a Senior SOC Analyst to join our growing Security Operations Centre business.
This role is hybrid variable in Glasgow, and requires a willingness to work 24/7 operations or on call, this will probably be 4 days on, 4 days off in shift patterns, but can be negotiable.
About Us
NTT DATA is one of the world’s largest Global Security services providers with over 7500 Security SMEs and Integration partner to many of the worlds most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.
What you’ll be doing;
The primary function of the Senior SOC Analyst is to manage any incidents escalated by the SOC Analyst (L1 & L2) and undertake the detailed investigation of the Security Event. The Senior SOC Analyst shall be able to look at all the evidence available and support the client on the appropriate action to contain and remediate any security incident. They will need to be able to provide root cause analysis and liaise with the customer and the Service Delivery Manager as well and ensuring the actions of the SOC Analysts follow best practice.
* Security Monitoring: & Investigation:
* Monitoring SIEM tools to assure high a level of security operations delivery function
* Oversee and enhance security monitoring systems to detect and analyse potential security incidents.
* Conduct real-time analysis of security events and incident and escalate as necessary
* Support other teams on investigations into incidents, determining the root cause and impact.
* Document findings and lessons learned to improve incident response procedures.
* Ensure runbooks are followed and are fit for purpose
* Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents.
* Develop and maintain incident response plans, ensuring they align with industry best practices.
* Escalation management in the event of a security incident
* Follow major incident process
* Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes.
* Contribute to the development of threat intelligence feeds to enhance proactive threat detection.
* Proactively hunt for threats within enterprise environments using SIEM and EDR solutions.
* Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives.
* Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations.
* Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection mechanisms.
* Conduct adversary simulation exercises to test and improve detection capabilities.
* Generate detailed reports on emerging threats, attack trends, and security posture improvements.
* Monitored and analysed security logs from SIEM platforms to identify suspicious activity.
* Security Tool Management:
* Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness.
* Own the development and implementation of SOC Use Cases
* Evaluate new security technologies and recommend enhancements to the security infrastructure.
* Collaborate with cross-functional teams, including IT, legal, and management, to address security incidents and implement preventive measures.
* Provide expertise and guidance to other analysts.
* Working with the Technical Teams to ensure all new and changed services are monitored accordingly
* Documentation:
* Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports.
* Create post-incident reports for management and stakeholders.
* Support the creation of monthly reporting packs as per contractual requirements.
* Create and document robust event and incident management processes, Runbooks & Playbooks
* Involvement in scoping and standing up new solutions for new opportunities
* Assisting Pre-Sales team with requirements on new opportunities
* Demonstrations of SOC tools to clients
* Continual Service Improvement - Recommendations for change to address incidents or persistent events.
What you’ll bring;
* Willingness to work in a job that involves 24/7 operations or on call, perhaps 4 days on 4 days off.
* Must be able to obtain SC Clearance or already hold SC clearance.
* Must have a good understanding on Incident Response approaches
* Must have knowledge and hands-on knowledge of Microsoft Sentinel (or any SIEM tool).
* Strong interpersonal and presentation skills.
* Strong analytical skills
* Must have good understanding on network traffic flows and able to understand normal and suspicious activities.
* Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing)
* Ability to learn forensic techniques
* Ability to reverse engineer attacks to understand what actions took place.
* Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
* Ability to work with minimal levels of supervision.
* Security Analytics & Automation (SOAR, YARA Rules, Sigma Rules)
* Malware Analysis & Reverse Engineering
* Network & Endpoint Security Monitoring (EDR, IDS/IPS, Firewalls)
Education Requirements & Experience
* Minimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
* Preferably holds Cyber Security Certification e.g. ISC2 CISSP, GIAC, SC-200, Certified SOC Analyst
* Experience with Cloud platforms (AWS and/or Microsoft Azure)
* Excellent knowledge of Microsoft Office products, especially Excel and Word
Reports to
* Security Director – NTT DATA UK Security Practice
* Client Delivery Director – NTT DATA UK Managed Services
Seniority level
* Seniority level
Mid-Senior level
Employment type
* Employment type
Full-time
Job function
* Job function
Consulting
* Industries
IT Services and IT Consulting
Referrals increase your chances of interviewing at NTT DATA by 2x
Get notified about new Security Operations Center Analyst jobs in Glasgow, Scotland, United Kingdom.
Erskine, Scotland, United Kingdom 2 days ago
Glasgow, Scotland, United Kingdom 2 months ago
Glasgow, Scotland, United Kingdom 1 week ago
Glasgow, Scotland, United Kingdom 1 week ago
Glasgow, Scotland, United Kingdom 9 hours ago
Glasgow, Scotland, United Kingdom 4 days ago
Glasgow, Scotland, United Kingdom 1 week ago
Glasgow, Scotland, United Kingdom 17 hours ago
Cyber Security Principal Engineer, Executive Director
Glasgow, Scotland, United Kingdom 2 days ago
Cyber Security Project Manager (Change and Transformation)
Glasgow, Scotland, United Kingdom 6 days ago
Cyber Security Project Manager | Hybrid (2 Days onsite - Glasgow) | £300-£350 p/d (Inside IR35)
Glasgow, Scotland, United Kingdom 3 weeks ago
Glasgow, Scotland, United Kingdom 3 days ago
Glasgow, Scotland, United Kingdom 2 days ago
Glasgow, Scotland, United Kingdom 3 months ago
Glasgow, Scotland, United Kingdom 2 weeks ago
Glasgow, Scotland, United Kingdom 1 week ago
Glasgow, Scotland, United Kingdom 6 hours ago
Glasgow, Scotland, United Kingdom 3 weeks ago
Glasgow, Scotland, United Kingdom 3 months ago
Motherwell, Scotland, United Kingdom 3 weeks ago
Fire & Security - Service Engineer - Hybrid
Stirling, Scotland, United Kingdom 2 weeks ago
Glasgow, Scotland, United Kingdom 3 months ago
Bellshill, Scotland, United Kingdom 2 weeks ago
Glasgow, Scotland, United Kingdom 1 week ago
Glasgow, Scotland, United Kingdom 1 day ago
Fire Security Engineer / Electrical Installation Engineer
Glasgow, Scotland, United Kingdom 1 month ago
Stirling, Scotland, United Kingdom 1 week ago
Glasgow, Scotland, United Kingdom 1 week ago
Linux Cryptography and Security Engineer
Glasgow, Scotland, United Kingdom 4 weeks ago
Glasgow, Scotland, United Kingdom 1 week ago
Glasgow, Scotland, United Kingdom 1 week ago
Senior Sales Executive - Cybersecurity and / or QA Software Testing - Private Sector - UK
Glasgow, Scotland, United Kingdom 1 month ago
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr