Soc Analyst Level 1

Overview

NTT DATA Birmingham, England, United Kingdom

We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on-site in Birmingham and involves 24/7 operations, likely in shift patterns of 4 days on, 4 days off.

What you\’ll be doing

• Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks / security incidents.
• Categorise all suspected incidents in line with the Security Incident policy.
• Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information.
• Write up high quality security incident tickets using a combination of existing knowledge resources and independent research.
• Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks.
• Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review.
• Understand Threat Intelligence and its use in an operational environment.
• Threat Hunting and the ability to look for attacks that may not have been captured.
• Support incident response to national scale incidents in a coaching capacity.
• Support in the development and implementation of SOC Use Cases.
• Work with other teams within NTT DATA to improve services on the basis of customer needs.

What you\’ll bring

• Preferably be able to obtain SC Clearance or already hold SC clearance.
• Strong interpersonal and presentation skills.
• Strong analytical skills.
• Must have expertise on TCP/IP network traffic and event log analysis.
• Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool).
• Must have administrative skills in several operating systems, such as Windows, OS X, and Linux.
• Must be proficient in basic shell scripting, creating Snort rules, or other log-searching query languages and methods.
• Must be confident to handle common security incidents independently.
• Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing).
• Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
• Ability to work with minimal supervision.
• Willingness to work in a job that involves 24/7 operations.

Education Requirements & Experience

• Minimum of 2 to 3 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
• Preferably holds Cyber Security Certification e.g. ISC2 CC, EPQ.
• Experience with Cloud platforms (AWS and/or Microsoft Azure).
• Excellent knowledge of Microsoft Office products, especially Excel and Word.

Reports to

• Security Director – NTT DATA UK Security Practice
• Client Delivery Director – NTT DATA UK Managed Services

We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer and actively collaborate with individuals who have disabilities to ensure barriers are eliminated in employment opportunities. If you require any reasonable adjustments during the recruitment process, please let us know.