Join NTT DATA as a SOC Analyst (L1) in Birmingham, where you'll monitor and investigate security incidents in a 24/7 operations environment. This role requires strong analytical skills, expertise in TCP/IP, and familiarity with SIEM tools like Microsoft Sentinel. Ideal candidates will have 2-3 years of experience in IT security and a Cyber Security Certification. Enjoy a collaborative culture with opportunities for growth and development.
Job Responsibility:
Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks / security incidents
Categorise all suspected incidents in line with the Security Incident policy
Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information
Write up high quality security incident tickets using a combination of existing knowledge resources and independent research
Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks
Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review
Understand Threat Intelligence and its use in an operational environment
Perform threat hunting: proactively look for attacks that existing detections may not have captured
Support incident response to national scale incidents in a coaching capacity
Support in the development and implementation of SOC Use Cases
Work with other teams within NTT DATA to improve services on the basis of customer needs
Prepare disaster recovery plans
Requirements:
Willingness to work in a job that involves 24/7 operations onsite in Birmingham; this will probably be a 4 days on, 4 days off shift pattern
Preferably be able to obtain SC Clearance or already hold SC clearance
Strong verbal and written English communication
Strong interpersonal and presentation skills
Strong analytical skills
Must have expertise on TCP/IP network traffic and event log analysis
Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool)
Must have administrative skills in several operating systems, such as Windows, OS X, and Linux
Must be proficient in basic shell scripting, creating Snort rules, or other log-searching query languages and methods
Must be confident to handle common security incidents independently
Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing)
Knowledge of ITIL disciplines such as Incident, Problem and Change Management
Ability to work with minimal levels of supervision
Minimum of 2 to 3 years of experience in the IT security industry, preferably working in a SOC/NOC environment
Excellent knowledge of Microsoft Office products, especially Excel and Word
Nice to have:
Preferably holds Cyber Security Certification e.g. ISC2 CC, EPQ
Experience with Cloud platforms (AWS and/or Microsoft Azure)
What we offer:
We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
We also offer the opportunity to have flexible work options