Jobs

SOC Analyst L2


Job details
  • NTT DATA
  • Birmingham
  • 1 week ago

Job Description

The team you'll be working with:

NTT DATA is one of the worlds largest Global Security services providers with over 7,500 Security SMEs and Integration partner to many of the worlds most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.

This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.

What you'll be doing:

The primary function of the SOC Analyst (L2) is to analyse any incidents escalated by the SOC Analyst (L1) and undertake the detailed investigation of the Security Event. The Security Analyst (L2) shall determine whether the security event will be classified as an incident. They will be coordinating with the customer IT and Security team for resolution of the Security Incident.

Security Monitoring: & Investigation: Monitoring SIEM tools to assure high a level of security operations delivery function Oversee and enhance security monitoring systems to detect and analyse potential security incidents. Conduct real-time analysis of security events and incident and escalate as necessary Support other teams on investigations into incidents, determining the root cause and impact. Document findings and lessons learned to improve incident response procedures. Ensure runbooks are followed and are fit for purpose Incident Response: Lead and coordinate incident response activities to effectively contain, eradicate, and recover from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance proactive threat detection. Security Tool Management: Manage and optimise SIEM tools, ensuring they are properly configured and updated to maximize effectiveness. Own the development and implementation of SOC Use Cases Evaluate new security technologies and recommend enhancements to the security infrastructure. Collaboration: Collaborate with cross-functional teams, including IT, legal, and management, to address security incidents and implement preventive measures. Provide expertise and guidance to other analysts. Working with the Technical Teams to ensure all new and changed services are monitored accordingly Documentation: Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports. Create post-incident reports for management and stakeholders. Support the creation of monthly reporting packs as per contractual requirements. Create and document robust event and incident management processes, Runbooks & Playbooks Other responsibilities: Involvement in scoping and standing up new solutions for new opportunities Assisting Pre-Sales team with requirements on new opportunities Demonstrations of SOC tools to clients Continual Service Improvement - Recommendations for change to address incidents or persistent events.

What experience you'll bring:

Must be able to obtain SC Clearance or already hold SC clearance. Must have a good understanding on Incident Response approaches Must have knowledge and hands-on knowledge of Microsoft Sentinel (or any SIEM tool). Strong verbal and written English communication. Strong interpersonal and presentation skills. Strong analytical skills Must have good understanding on network traffic flows and able to understand normal and suspicious activities. Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing) Ability to learn forensic techniques Ability to reverse engineer attacks to understand what actions took place. Knowledge of ITIL disciplines such as Incident, Problem and Change Management. Ability to work with minimal levels of supervision. Willingness to work in a job that involves 24/7 operations or on-call.

Who we are:

We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.

Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.

For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA

what we'll offer you:

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.

For more information on NTT DATA UK & Ireland please click here: NTT DATA

We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a Disability Confident Committed Employer - we want to see every candidate performing at their best throughout the job application and interview process, if you require any reasonable adjustments during the recruitment process, please let us know and we look forward to hearing from you.

Back to search Email to a friend Apply now

Apply

Listen to the story of Employee Voice

Alejandro Hernandez

Agile Coach/Digital Strategy Consultant for the Banking Sector

Chile

Read more

Giuseppe Cuciniello

International Business Development and commercial planning

Italy

Read more

Ianca Caroline Nascimento Linhares

Agility Trainee

Brazil

Read more

Apply Back to search results

Sign up for our newsletter

The latest news, articles, and resources, sent to your inbox weekly.

Similar Jobs

L2 SOC Analyst

L2 SOC Analyst Based fullly onsite in Milton Keynes 24/7 shift rotation Permanent - £45,000 - £50,000 Shift Allowance Company Bonus Gain SC CLearance My client are looking for a new L2 SOC Analyst to join their diverse SOC Operations team. Working within a Cyber Security Analyst Team as part...

Proactive Appointments Limited Milton Keynes

SOC Analyst/Sentinel Engineer

Microsoft Sentinel Engineer/L3 SOC AnalystAkkodis are currently working in partnership with a leading service provider to recruit an experienced Microsoft Sentinel Engineer with expertise of Microsoft Sentinel and QRadar to join their growing security team during an exciting period of change.Please note this is a fully remote role and you...

City of London

SOC Analyst/Sentinel Engineer

Microsoft Sentinel Engineer/L3 SOC AnalystAkkodis are currently working in partnership with a leading service provider to recruit an experienced Microsoft Sentinel Engineer with expertise of Microsoft Sentinel and QRadar to join their growing security team during an exciting period of change.Please note this is a fully remote role and you...

Akkodis London

Senior SOC Analyst - Sentinel/QRadar

Senior SOC Analyst (Sentinel/QRadar)Akkodis are currently working in partnership with a leading service provider to recruit an experienced SOC Analyst with expertise of Microsoft Sentinel and QRadar to join their growing security team during an exciting period of change.Please note this is a fully remote role and you must be...

City of London

L3 SOC Analyst

L3 SOC Analyst (Fully Remote)Salary - Up to £65,000 + Shift Allowance Bonus + Additional Corporate Benefits Package!The Client: A leading technology MSSP requires a security operations analyst (L3)Job Description:As an experienced Senior Cyber Security Operations Analyst, You will be responsible for handing security incidents received/escalated from the CSOC Analyst...

Lorien London

Cyber Threat Analyst

We will consider flexible working arrangements for any of our roles and also offer work place accommodations to ensure you have what you need to effectively deliver in your role.The Cyber Threat Analyst role is positioned with the M&G Security Operations team that consists of the following functions:Security Operations Centre...

M&G Edinburgh