Cyber Security Analyst XDR

Remote

Today, it is an unavoidable fact that your business critical infrastructure and systems are at risk of attack. The key to good security is a clear understanding of what is most critical to the business. Where you do not have enough internal resources, time or skills to monitor and manage your IT environment 24/7, NCC Group can help, freeing up your skilled employees to focus on value-add activity.

NCC Group provides a range of managed and hosted services delivered from our UK-based Security Operations Centre (SOC), which operates 24/7, 365 days a year. Our team of over 30 accredited security experts handle over 200 million log events daily and support more than 5,000 network devices.

NCC Group's Cloud XDR Team offers world-class Extended Detection and Response (XDR) services; detecting, responding, and mitigating cyber-attacks on our customers' networks using the Microsoft Sentinel ecosystem.

The Cloud XDR Team is looking for passionate XDR Security Analysts to join us in helping customers maximize our services and protect their networks. This is an opportunity to join a highly skilled team and contribute to delivering world-class services.

This role is ideal for experienced SOC Analysts seeking to broaden their cybersecurity skills with a focus on detection and response to cyber incidents.

1. Monitor global systems for potential threats, vulnerabilities, and indicators of compromise.
2. Analyze security alerts using Microsoft XDR tools (Sentinel, Defender, etc.).
3. Provide incident remediation and prevention recommendations based on procedures and experience.
4. Document and adhere to security monitoring processes.
5. Deliver exceptional customer service.
6. Escalate threats as necessary.
7. Prepare and review service reports.
8. Mentor junior team members.
9. Assist in Threat Hunting engagements.
10. Contribute to continuous SOC process improvements.
11. Perform additional duties as assigned.

• Practical knowledge of security and networking tools, including Microsoft XDR suite.
• Deep understanding of network protocols and endpoint forensics.
• Experience with Windows and Linux OS.
• Extensive analysis experience of security incidents.
• Ability to remain calm under pressure.

• Azure certifications (SC-200, AZ-500, MS-500).
• CREST certifications (CPSA, CRIA, CMRE, CNIA, CHIA).
• CompTIA Security+ and Network+.
• Other relevant certifications.

• Focus on Clients and Customers.
• Work as One NCC.
• Commit to Continuous Learning.
• Be Inclusive and Respectful.
• Deliver Excellence.

Our mission is to create a more secure digital future. We partner with clients across industries, securing products and emerging technologies, and solving complex security challenges. We value our colleagues and are committed to an inclusive, supportive environment that fosters growth and well-being, offering comprehensive benefits, wellness programs, and flexible working arrangements.

• Flexible working arrangements.
• Financial and investment benefits.
• Pension scheme.
• Life assurance.
• Share save scheme.
• Maternity and paternity leave.
• Community programs.
• Green car and cycle schemes.
• Employee referral program.
• Learning and development opportunities.

If interested, please apply with your CV and cover letter. Our talent team will contact suitable candidates. Alternatively, send your details to global.ta@nccgroup.com.

We review all applications and will contact candidates who match our requirements. If you do not hear from us within 10 days, your CV may be retained for future opportunities. To opt out of data retention, email global.ta@nccgroup.com. We support diversity and provide reasonable adjustments during the application process. Please note, this role requires pre-employment background checks, including BS7858 screening.