SOC Analyst L2

The team you'll be working with: SOC Analyst (L2). We are currently recruiting a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business. This role will be based on‑site in Birmingham; candidates must be able to work in a 24/7 operations environment, typically in shift patterns of 4 days on, 4 days off.

NTT DATA is one of the world’s largest Global Security services providers with over 7500 Security SMEs and integration partner to many of the world’s most recognised security technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us.

• The primary function is to analyse incidents escalated by Level 1 SOC analysts, undertake detailed investigation of security events, classify incidents, and coordinate with customer IT and security teams for resolution.
• Security Monitoring & Investigation: monitor SIEM tools, conduct real‑time analysis, determine root cause, document findings, ensure runbooks are followed, and enhance monitoring systems.
• Incident Response: lead and coordinate containment, eradication, and recovery; develop and maintain response plans; manage escalation; follow major incident process.
• Threat Intelligence: stay abreast of latest threats and vulnerabilities, integrate threat intelligence into monitoring, and contribute to the development of threat intelligence feeds.
• Security Tool Management: manage and optimise SIEM tools, develop SOC use cases, evaluate new technologies, and recommend enhancements.
• Collaboration: work with IT, legal, management, and technical teams to address incidents, provide guidance to analysts, and ensure new services are monitored.
• Documentation: maintain up‑to‑date procedures, incident response plans, and analysis reports; create post‑incident reports and monthly reporting packs.
• Other responsibilities: involving scoping and deployment of new solutions, assisting pre‑sales, demonstrating SOC tools to clients, and continual service improvement recommendations.

• Must be able to obtain or already hold SC Clearance.
• Good understanding of incident response approaches.
• Hands‑on knowledge of Microsoft Sentinel or any SIEM tool.
• Strong verbal and written English communication, interpersonal and presentation skills.
• Strong analytical skills.
• Knowledge of network traffic flows and ability to identify normal and suspicious activities.
• Understanding of vulnerability scanning and management, and ethical hacking (penetration testing).
• Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
• Ability to learn forensic techniques and reverse engineer attacks.
• Ability to work with minimal supervision.
• Willingness to work in a 24/7 operations environment or on‑call.

• Minimum of 3‑5 years of experience in the IT security industry, preferably in a SOC/NOC environment.
• Preferred cyber security certifications (GIAC, ISC2, SC‑200).
• Experience with cloud platforms (AWS and/or Microsoft Azure).
• Excellent knowledge of Microsoft Office products, especially Excel and Word.

• Security Director – NTT DATA UK Security Practice
• Client Delivery Director – NTT DATA UK Managed Services

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensures continuous growth and development opportunities. Flexible work options are available. We are an equal‑opportunity employer committed to diversity and inclusion, proud to support people with disabilities, and maintain inclusive networks such as Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network, and the Parent Network.