SOC Analyst SIEM Monitoring

The team you will be working with: SOC Analyst (L1) NTT DATA is one of the world’s largest global security service providers, partnering with some of the most recognized security technology brands. We’re looking for passionate, curious, and motivated individuals to join our team.

What you will be doing:

• Monitor, triage, analyse and investigate alerts, log data, and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents.
• Categorise all suspected incidents in line with the Security Incident policy.
• Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information.
• Write high-quality security incident tickets using existing knowledge resources and independent research.
• Assist with remediation activities or support customer stakeholders to inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks.
• Produce security incident review reports to present information about incidents and provide security improvement recommendations.
• Understand Threat Intelligence and its application in an operational environment.
• Conduct Threat Hunting to identify attacks that may not have been captured.
• Support incident response to national-scale incidents in a coaching capacity.
• Assist in the development and implementation of SOC Use Cases.
• Collaborate with other teams within NTT DATA to improve services based on customer needs.
• Prepare disaster recovery plans.

What experience you will bring:

• Ability to obtain SC Clearance or already hold SC clearance.
• Strong verbal and written English communication skills.
• Excellent interpersonal and presentation skills.
• Strong analytical skills.
• Expertise in TCP/IP network traffic and event log analysis.
• Hands-on experience with Microsoft Sentinel or similar SIEM tools.
• Administrative skills across multiple operating systems (Windows, OS X, Linux).
• Proficiency in shell scripting, creating Snort rules, or other log-searching query languages.
• Confidence in handling common security incidents independently.
• Good understanding of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing).
• Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
• Ability to work with minimal supervision.
• Willingness to work in a 24/7 operations environment.

Education & Experience:

• Minimum of 2-3 years of experience in IT security, preferably in a SOC/NOC environment.
• Cyber Security Certifications such as ISC2 CC or EPQ are preferred.
• Experience with Cloud platforms (AWS and/or Microsoft Azure).
• Proficiency in Microsoft Office, especially Excel and Word.

Who we are:

We’re a global business that empowers local teams, undertaking impactful work that changes the world. Our portfolio includes consulting, applications, cloud, and infrastructure services, enabling you to achieve great things alongside brilliant colleagues and clients. Our inclusive environment fosters mutual respect, accountability, continuous learning, collaboration, well-being, growth, and agility. We are proud of our Diversity, Equity, and Inclusion initiatives, including various Employee Networks.

What we will offer you:

We provide tailored benefits supporting your physical, emotional, and financial well-being. Our Learning and Development team offers continuous growth opportunities, and flexible work options are available. We are an equal opportunities employer committed to diversity and inclusion. We are a Disability Confident Employer, guaranteeing interviews for applicants with disabilities who meet minimum role requirements and offering reasonable adjustments during recruitment.