We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business. This role will be based on‑site in Birmingham and requires the ability to work in a 24/7 operation with shift patterns of 4 days on, 4 days off.
Responsibilities
* Analyse any incidents and undertake the detailed investigation of the Security Event. The role is a hands‑on shift‑based role working as part of a 24/7 operation.
* Utilise the SOC’s SIEM and SOAR toolsets to detect and investigate potential security and service incidents occurring within the monitored networks.
* Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and internet resources to identify cyber‑attacks or security incidents.
* Categorise all suspected incidents in line with the Security Incident policy.
* Recognise potential, successful and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information.
* Write up high‑quality security incident tickets using existing knowledge resources and independent research.
* Assist with remediation activities (or support customer stakeholders) to inhibit cyber‑attacks, clean up IT systems and secure networks against repeat attacks.
* Produce security incident review reports to present information about the incident and provide improvement recommendations.
* Apply threat intelligence in an operational environment and engage in threat hunting to look for attacks that may not have been captured.
* Support incident response to national‑scale incidents in a coaching capacity.
* Support the development and implementation of SOC use cases.
* Work with other teams within NTT DATA to improve services based on customer needs.
* Prepare disaster recovery plans.
* Perform support for cyber‑attack investigations and incident response.
Qualifications
* Minimum of 2 to 3 years of experience in the IT security industry, preferably in a SOC/NOC environment.
* Strong verbal and written English communication.
* Strong interpersonal and presentation skills.
* Strong analytical skills.
* Expertise on TCP/IP network traffic and event log analysis.
* Knowledge and hands‑on experience of Microsoft Sentinel or any SIEM tool.
* Administrative skills in several operating systems such as Windows, OS X, and Linux.
* Proficient in basic shell scripting, creating Snort rules or other log‑searching query languages and methods.
* Confident to handle common security incidents independently.
* Good understanding of vulnerability scanning and management as well as ethical hacking (penetration testing).
* Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
* Ability to work with minimal levels of supervision.
* Preferably holds a Cyber Security Certification such as ISC₂ CC or CEH.
* Experience with cloud platforms such as AWS and/or Microsoft Azure.
* Excellent knowledge of Microsoft Office products, especially Excel and Word.
* Preferably be able to obtain SC Clearance or already hold SC clearance.
Benefits
* Range of tailored benefits that support physical, emotional, and financial well‑being.
* Learning and Development team provides continuous growth and development opportunities.
* Flexible work options available.
* Inclusive corporate culture with a focus on equity, diversity, and continuous learning.
Equal Opportunities
We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident committed employer and guarantee an interview to applicants who declare they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know.
#J-18808-Ljbffr