At a Glance
- Tasks: Deploy and maintain SIEM platforms, develop incident response playbooks, and monitor security alerts.
- Company: Join a forward-thinking company dedicated to cybersecurity and innovation.
- Benefits: Enjoy tailored benefits, flexible work options, and continuous learning opportunities.
- Other info: Be part of a diverse team committed to equity and inclusion.
- Why this job: Make a real impact in cybersecurity while developing your skills in a dynamic environment.
- Qualifications: Experience with SIEM platforms and strong analytical skills are essential.
The predicted salary is between 50000 - 70000 £ per year.
Responsibilities
- Deploy, configure, and maintain SIEM platforms such as Splunk, QRadar, Sentinel, and Chronicle to enable robust threat detection.
- Normalize and onboard diverse log sources from cloud and on-premises environments for seamless monitoring.
- Develop and continually refine SIEM rules and queries for use cases involving advanced threat behaviors and anomaly detection.
- Design and implement incident response playbooks for threats such as phishing, lateral movement, malware infections, and more.
- Integrate response automation into SOAR platforms (e. g., XSOAR, Azure Logic Apps) to reduce response times and manual overhead.
- Use feedback from simulated incidents and threat intelligence to refine existing playbooks and workflows.
- Monitor security alerts for potential threats, investigate incidents, and coordinate cross‑team response activities.
- Collaborate with threat intelligence teams to enhance detection logic and fine‑tune resolution processes.
- Perform root‑cause analysis of recurring incidents and help define corrective actions to reduce future risks.
- Perform threat modeling using industry frameworks such as MITRE ATT&CK, STRIDE, or the Cyber Kill Chain.
- Design actionable SIEM use cases, detection rules, and workflows aligned with risk prioritization.
- Evaluate use‑case effectiveness through continual testing and KPIs, prioritizing iteration based on business relevance.
- Develop dashboards and metrics‑driven reports to showcase security posture and incident trends for leadership.
- Maintain detailed documentation of incident procedures, runbooks, playbooks, and analysis reports for audit or team use.
- Support monthly managerial reporting packs to present SOC effectiveness metrics.
- Provide mentorship to junior SOC analysts, transferring technical expertise on threat detection and response best practices.
- Assist pre‑sales teams by demonstrating SOC tools to prospective clients and refining operational delivery proposals.
- Scope, deploy, and operationalize new SOC solutions, benchmarking against industry and client expectations.
- Technical Skills
- Hands‑on experience with SIEM platforms such as Splunk, QRadar, Sentinel, Microsoft Defender, or Chronicle.
- Expertise with SIEM query languages (e. g., KQL, SPL, AQL) and strong knowledge of log normalization and parsing.
- Proficiency in scripting (e. g., Python, Power Shell) to automate tasks and build SOC efficiencies.
- Deep familiarity with cyber threat detection techniques related to frameworks like MITRE ATT&CK and vulnerability management.
- Experience managing ITIL processes, including Incident, Problem, and Change Management.
Certifications
- CISSP, GIAC, SC‑200, Splunk Power User/Admin, QRadar Specialist, or Chronicle Security Engineer certifications preferred.
- Candidates must be eligible to obtain UK SC clearance.
- Professional Skills
- Strong analytical and communication skills to present complex information to technical and non‑technical stakeholders.
- Experience in collaborative team dynamics and independent problem‑solving.
- Proven ability to transfer knowledge and mentor junior SOC team members effectively.
- EEO and Disability Commitment
We are an equal opportunities employer.
We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices.
We are also a proud Disability Confident Committed Employer – we are committed to creating a diverse and inclusive workforce.
We actively collaborate with individuals who have disabilities and long‑term health conditions which affect their ability to perform normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities.
In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role.
If you require any reasonable adjustments during the recruitment process, please let us know.
Benefits
- Range of tailored benefits supporting physical, emotional, and financial wellbeing.
- Learning and development opportunities with continuous growth and development for our people.
- Flexible work options.
- #J-18808-Ljbffr
Security Engineer in England employer: NTT DATA
At NTT DATA, we pride ourselves on being an excellent employer that fosters a culture of innovation and collaboration. Our commitment to employee growth is evident through continuous learning opportunities and a supportive environment that encourages creativity in the rapidly evolving field of AI/ML security. Located in a vibrant tech hub, we offer competitive benefits and a dynamic workplace where your contributions directly impact the future of secure AI systems.
StudySmarter Expert Advice🤫
We think this is how you could land Security Engineer in England
✨Get Involved in the Cybersecurity Community
Diving into the cybersecurity community is key for landing that full-time gig. Join forums like Reddit's r/cybersecurity or attend local meetups to connect with industry veterans and other job seekers. Networking is everything in this field—don’t just be a passive lurker!
✨Show Off Your Skills with Capture the Flag Competitions
Participate in Capture the Flag (CTF) competitions; these are not just a fun way to boost your skills but also a chance to showcase your talent to potential employers. Many companies, including NTT DATA, love seeing candidates who actively engage in these challenges.
✨Tailor Your Online Presence
Make sure your LinkedIn and any professional profiles reflect your cybersecurity expertise. Share your projects, whether they’re personal or from a previous role, to catch the eye of hiring managers. This is how they’ll find your passion and commitment to the field!
✨Apply Directly Through NTT DATA
Don’t forget to head straight to our website and check out any openings for cybersecurity roles at NTT DATA. Applying directly can sometimes give you an edge, especially if you can mention that you've been following our work or engaging in the community.
We think you need these skills to ace Security Engineer in England
Some tips for your application 🫡
Show off your technical skills:In cybersecurity, it's crucial to highlight your technical prowess. Make sure your CV showcases specific skills like network security, penetration testing, or threat analysis. If you have relevant certifications (like CEH or CISSP), pop those on the front page to grab attention!
Tailor your portfolio for the role:Even for a full-time role, a portfolio can set you apart. If you've worked on any cybersecurity projects—be it CTF challenges, security assessments, or research papers—include these in your application. This demonstrates not just your skills, but also your hands-on experience!
Use real-world examples:When writing your cover letter, don’t just stick to your qualifications. Share real-world examples of how you’ve tackled security issues or vulnerabilities. This gives the hiring team at NTT DATA insight into your practical problem-solving abilities and makes your application memorable.
Demonstrate your passion for cybersecurity:Cybersecurity is an ever-evolving field, so show us that you’re always learning! Mention any recent courses, webinars, or industry events you’ve attended. This not only exhibits your enthusiasm but also signals to NTT DATA that you’re committed to staying ahead in the game.
How to prepare for a job interview at NTT DATA
✨Sharpen Your Technical Skills
For a role in cybersecurity, it’s essential to be up-to-date with the latest tools and techniques. Brush up on your knowledge of firewalls, intrusion detection systems, and vulnerability assessment tools. Be ready to discuss specific scenarios where you’ve applied these skills, as hands-on experience can really set us apart in interviews.
✨Prepare for Scenario-Based Questions
Expect the interviewers at NTT DATA to throw in some hypothetical situations to see how you’d handle them. Think about common security breaches or incidents and be prepared to explain how you would respond. This not only shows your problem-solving skills but also your understanding of real-world cybersecurity challenges.
✨Highlight Your Certifications
Certifications like CompTIA Security+, CISSP, or CEH can give you a significant edge in a full-time role in cybersecurity. Make sure to mention these during your interview and be prepared to discuss what you learned through those certifications and how they relate to the position at NTT DATA.
✨Show Your Passion for Cybersecurity
Since you’re going for a full-time gig, showing genuine enthusiasm for the field can make all the difference. Share any personal projects, blogs, or communities you’re part of that relate to cybersecurity. This not only showcases your passion but also your commitment to staying engaged in this ever-evolving field.