The team you'll be working with:
SOC Analyst (L2)
We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business.
This role will be based on-site in Birmingham. We need candidates who are able to work in a job that involves 24/7 operations, likely in shift patterns of 4 days on, 4 days off.
About Us
NTT DATA is one of the world’s largest Global Security services providers with over 7,500 Security SMEs and an integration partner to many of the world’s most recognized Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients, and communities to enable them to fulfill their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a sustainable and secure world.
This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.
What you'll be doing:
* The primary function of the SOC Analyst (L2) is to analyze incidents escalated by the SOC Analyst (L1) and undertake detailed investigations of Security Events. The Security Analyst (L2) will determine whether a security event qualifies as an incident and coordinate with the customer’s IT and Security teams for resolution.
Main Duties
* Security Monitoring & Investigation:
o Monitor SIEM tools to ensure high-level security operations.
o Oversee and enhance security monitoring systems to detect and analyze potential security incidents.
o Conduct real-time analysis of security events and escalate as necessary.
o Support investigations into incidents, determining root causes and impacts.
o Document findings and lessons learned to improve incident response procedures.
o Ensure runbooks are followed and are fit for purpose.
* Incident Response:
o Lead and coordinate incident response activities to contain, eradicate, and recover from security incidents.
o Develop and maintain incident response plans aligned with industry best practices.
o Manage escalation during security incidents.
o Follow major incident procedures.
* Threat Intelligence:
o Stay updated on cybersecurity threats and vulnerabilities, integrating threat intelligence into monitoring processes.
o Contribute to threat intelligence feeds for proactive detection.
* Security Tool Management:
o Manage and optimize SIEM tools, ensuring proper configuration and updates.
o Develop and implement SOC Use Cases.
o Evaluate new security technologies and recommend improvements.
* Collaboration:
o Work with IT, legal, and management teams on security incidents and preventive measures.
o Provide guidance to other analysts.
o Coordinate with technical teams for monitoring new or changed services.
* Documentation:
o Maintain accurate security procedures, incident response plans, and analysis reports.
o Create post-incident reports and support monthly reporting.
o Document event and incident management processes, Runbooks & Playbooks.
* Other responsibilities:
o Participate in scoping and establishing new solutions.
o Assist Pre-Sales with requirements for new opportunities.
o Demonstrate SOC tools to clients.
o Recommend continual service improvements.
What experience you'll bring:
* This role will be based on-site in Birmingham. Candidates must be able to work in a 24/7 environment, likely in shift patterns of 4 days on, 4 days off.
* Ability to obtain or hold SC Clearance.
* Good understanding of Incident Response approaches.
* Hands-on knowledge of Microsoft Sentinel or similar SIEM tools.
* Strong verbal and written English communication skills.
* Interpersonal and presentation skills.
* Strong analytical skills.
* Understanding of network traffic flows and of normal vs. suspicious activity.
* Knowledge of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing).
* Ability to learn forensic techniques.
* Ability to reverse engineer attacks.
* Knowledge of ITIL disciplines (Incident, Problem, Change Management).
* Ability to work independently.
* Willingness to work in a 24/7 or on-call environment.
Education & Experience
* 3-5 years in IT security, preferably in a SOC/NOC environment.
* Cyber Security Certifications (e.g., GIAC, ISC2, SC-200) preferred.
* Experience with Cloud platforms (AWS, Azure).
* Proficiency in Microsoft Office, especially Excel and Word.
Reports to
* Security Director – NTT DATA UK Security Practice
* Client Delivery Director – NTT DATA UK Managed Services
Who we are:
We are a global business empowering local teams, working on impactful projects that change the world. Our services span consulting, applications, cloud, and infrastructure, enabling you to achieve great things with talented colleagues and clients.
Our inclusive environment values mutual respect, accountability, and continuous learning, fostering collaboration, well-being, growth, and diversity. We have various Inclusion Networks supporting our commitment to diversity and inclusion.
For more information on our Diversity, Equity, and Inclusion initiatives, see "Creating Inclusion Together at NTT DATA UK".
What we'll offer you:
We provide benefits supporting your well-being, ongoing learning, and flexible work options.
More about NTT DATA UK & Ireland: https://uk.nttdata.com/
We are an equal opportunities employer and a Disability Confident Committed Employer, ensuring accessible employment opportunities. Please let us know if you need adjustments during the recruitment process.