Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Enhance security operations and develop playbooks for threat detection.
- Company: Join NTT Data, a global leader in IT and cybersecurity solutions.
- Benefits: Enjoy competitive salary, inclusive culture, and opportunities for professional growth.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge technologies.
- Qualifications: Experience with SIEM platforms and strong analytical skills required.
- Other info: Dynamic environment with a focus on collaboration and continuous learning.
The predicted salary is between 36000 - 60000 £ per year.
We specialise in delivering cutting‑edge IT and cybersecurity solutions to our diverse client base. We provide expert‑managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats.
We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
Role Overview
The primary function of the Senior SOC Engineer is to enhance our security operations capabilities. This role requires deep expertise in SIEM platforms including Splunk, IBM QRadar, Microsoft Defender, Microsoft Sentinel, and Google Chronicle, with a strong focus on playbook development, analytical rule creation, and threat modelling. You will be instrumental in building and optimizing our detection and response strategies.
Responsibilities
- SIEM Engineering & Management
- Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle).
- Onboard and normalize log sources across cloud and on‑prem environments.
- Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis.
- Playbook Development & Automation
- Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration).
- Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response.
- Continuously refine playbooks based on threat intelligence and incident feedback.
- Threat Detection & Response
- Monitor and analyse security alerts and events to identify potential threats.
- Perform in‑depth investigations and coordinate incident response activities.
- Collaborate with threat intelligence teams to enrich detection logic.
- Threat Modelling & Use Case Development
- Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain.
- Translate threat models into actionable detection use cases and SIEM rules.
- Prioritize detection engineering efforts based on risk and business impact.
- Reporting & Collaboration
- Generate reports and dashboards for stakeholders on security posture and incident trends.
- Work closely with IT, DevOps, and compliance teams to ensure secure system configurations.
- Provide mentorship and guidance to junior analysts and engineers.
- Maintain accurate and up‑to‑date documentation of security procedures, incident response plans, and analysis reports.
- Support the creation of monthly reporting packs as per contractual requirements.
- Create and document robust event and incident management processes, runbooks & playbooks.
- Other responsibilities
- Involvement in scoping and standing up new solutions for new opportunities.
- Assisting Pre‑Sales team with requirements on new opportunities.
- Demonstrations of SOC tools to clients.
- Continual Service Improvement – Recommendations for change to address incidents or persistent events.
Qualifications
- Must be able to obtain SC Clearance or already hold SC clearance.
- SIEM Expertise: Hands‑on experience of IBM QRadar.
- Strong knowledge of log formats, parsing, and normalization.
- Experience with KQL, SPL, AQL, or other SIEM query languages.
- Familiarity with scripting (Python, PowerShell) for automation and enrichment.
- Deep understanding of threat detection, incident response, and cyber kill chain.
- Familiarity with MITRE ATT&CK, NIST, and CIS frameworks.
- Strong verbal and written English communication.
- Strong interpersonal and presentation skills.
- Strong analytical skills.
- Good understanding of network traffic flows and ability to understand normal and suspicious activities.
- Good understanding of vulnerability scanning and management as well as ethical hacking (penetration testing).
- Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
- Ability to work with minimal levels of supervision.
- Willingness to work in a job that involves 24/7 on call.
- Minimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
- Preferably holds Cyber Security Certification e.g. ISC2 CISSP, GIAC, SC‑200, Splunk Certified Admin/Power User, IBM QRadar Certified Specialist, Google Chronicle Security Engineer etc.
- Experience with ServiceNow Security suite.
- Experience with Cloud platforms (AWS and/or Microsoft Azure).
- Excellent knowledge of Microsoft Office products, especially Excel and Word.
Company Culture & Benefits
- NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local teams, undertaking hugely exciting work and is genuinely changing the world.
- We are a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world.
- Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, clients, and exciting projects.
- Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people, fostering collaboration, well‑being, growth, and agility, leading to a more diverse, innovative, and competitive organisation.
- We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network, and the Parent Network.
#J-18808-Ljbffr
SOC Solutions Engineer - QRadar and Splunk employer: NTT DATA UK Ltd.
Contact Detail:
NTT DATA UK Ltd. Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land SOC Solutions Engineer - QRadar and Splunk
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, attend meetups, and connect with people on LinkedIn. You never know who might have the inside scoop on job openings or can refer you directly.
✨Tip Number 2
Show off your skills! Create a portfolio or GitHub repository showcasing your projects, especially those related to SIEM platforms like Splunk and QRadar. This gives potential employers a taste of what you can do.
✨Tip Number 3
Prepare for interviews by brushing up on common SOC scenarios and incident response strategies. Practice explaining your thought process during threat modelling and playbook development to impress the interviewers.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen by the right people. Plus, we love seeing candidates who are proactive about their job search!
We think you need these skills to ace SOC Solutions Engineer - QRadar and Splunk
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the SOC Solutions Engineer role. Highlight your experience with SIEM platforms like Splunk and QRadar, and don’t forget to mention any relevant certifications. We want to see how your skills match what we’re looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about cybersecurity and how your background makes you a great fit for our team. Keep it engaging and personal – we love to see your personality come through!
Showcase Your Technical Skills: In your application, be sure to showcase your technical skills, especially around threat detection and incident response. Mention specific tools and frameworks you’ve worked with, like MITRE ATT&CK or KQL, to demonstrate your expertise. We’re keen on seeing your hands-on experience!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it shows you’re proactive and eager to join our team at StudySmarter!
How to prepare for a job interview at NTT DATA UK Ltd.
✨Know Your SIEM Inside Out
Make sure you brush up on your knowledge of SIEM platforms like Splunk and IBM QRadar. Be ready to discuss your hands-on experience, including log formats and parsing. Prepare to share specific examples of how you've deployed or optimised these tools in past roles.
✨Playbook Proficiency is Key
Familiarise yourself with incident response playbooks and be prepared to discuss how you've designed or implemented them. Think about various threat scenarios you've encountered and how you automated responses using SOAR platforms. This will show your practical understanding of the role.
✨Showcase Your Analytical Skills
Be ready to demonstrate your analytical skills by discussing how you've monitored and analysed security alerts in the past. Prepare to explain your approach to threat detection and how you've collaborated with teams to enrich detection logic. Real-life examples will make your answers stand out.
✨Communication is Crucial
Since this role involves collaboration with various teams, practice articulating your thoughts clearly. Prepare to discuss how you've generated reports and dashboards for stakeholders. Highlight your interpersonal skills and any experience mentoring junior analysts, as this shows leadership potential.
