We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business.
This role is based on-site in Birmingham and forms part of a 24/7 operation, so candidates must be able to work shifts, likely on a pattern of 4 days on, 4 days off.
About Us
NTT DATA is one of the world’s largest global security services providers with over 7,500 security SMEs and an integration partner to many of the world’s most recognized security technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients, and communities to enable them to fulfill their potential and do great things. We believe that by bringing everyone together, we can solve problems using innovative technology to create a sustainable and secure world.
This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.
What you'll be doing:
* The primary function of the SOC Analyst (L2) is to analyze incidents escalated by the SOC Analyst (L1) and undertake detailed investigation of security events. The SOC Analyst (L2) determines whether a security event qualifies as an incident and coordinates with the customer’s IT and security teams for resolution.
Main Duties
* Security Monitoring & Investigation:
o Monitor SIEM tools to ensure high levels of security operations delivery.
o Oversee and enhance security monitoring systems to detect and analyze potential security incidents.
o Conduct real-time analysis of security events and escalate as needed.
o Support other teams in incident investigations, determining root cause and impact.
o Document findings and lessons learned to improve incident response procedures.
o Ensure runbooks are followed and are fit for purpose.
* Lead and coordinate incident response activities to contain, eradicate, and recover from security incidents.
* Develop and maintain incident response plans aligned with industry best practices.
* Manage escalations during security incidents.
* Follow major incident processes.
* Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes.
* Contribute to threat intelligence feeds for proactive detection.
* Security Tool Management:
o Manage and optimize SIEM tools, ensuring proper configuration and updates.
o Develop and implement SOC use cases.
o Evaluate new security technologies and recommend infrastructure enhancements.
* Work with cross-functional teams, including IT, legal, and management, on security incidents and preventive measures.
* Provide guidance to other analysts.
* Coordinate with technical teams to monitor new and updated services.
* Documentation:
o Maintain accurate documentation of security procedures, incident response plans, and analysis reports.
o Create post-incident reports for management and stakeholders.
o Support the creation of monthly reporting packs as per contractual requirements.
o Document event and incident management processes, runbooks, and playbooks.
* Other responsibilities:
o Participate in scoping and establishing new solutions.
o Assist pre-sales teams with requirements for new opportunities.
o Demonstrate SOC tools to clients.
o Recommend continual service improvements based on incident analysis.
What experience you'll bring:
* This role is based on-site in Birmingham; candidates must be able to work in a 24/7 operation, likely on a shift pattern of 4 days on, 4 days off.
* Must be able to obtain or already hold SC clearance.
* Good understanding of Incident Response approaches.
* Hands-on experience with Microsoft Sentinel or similar SIEM tools.
* Strong verbal and written English communication skills.
* Excellent interpersonal and presentation skills.
* Strong analytical skills.
* Good understanding of network traffic flows, normal vs. suspicious activities.
* Knowledge of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing).
* Ability to learn forensic techniques.
* Ability to reverse engineer attacks.
* Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
* Ability to work independently with minimal supervision.
* Willingness to work in a 24/7 or on-call role.
Education & Experience Requirements
* 3-5 years of experience in IT security, preferably in a SOC/NOC environment.
* Cybersecurity certifications (for example GIAC or ISC2 certifications, or Microsoft SC-200) are preferred.
* Experience with Cloud platforms (AWS and/or Microsoft Azure).
* Proficiency with Microsoft Office, especially Excel and Word.
Reports to
* Security Director – NTT DATA UK Security Practice
* Client Delivery Director – NTT DATA UK Managed Services
Who we are:
We’re a global business that empowers local teams, undertaking impactful work that changes the world. Our portfolio includes consulting, applications, cloud, and infrastructure services, offering opportunities to achieve great things with talented colleagues and clients.
Our inclusive environment promotes respect, accountability, and continuous learning, fostering collaboration, well-being, growth, and agility. We are proud of our diversity and inclusion initiatives, including various Employee Networks.
We provide benefits supporting your physical, emotional, and financial well-being. Our Learning and Development team offers continuous growth opportunities. Flexible work options are available.
We are an equal opportunities employer and a Disability Confident employer. We guarantee an interview to applicants with disabilities who meet the role requirements, and we welcome requests for accommodations at any stage of the recruitment process.