SOC Analyst SIEM Monitoring

SOC Analyst (L1)

NTT DATA is one of the world’s largest global security service providers, partnering with some of the most recognized security technology brands. We’re looking for passionate, curious, and motivated individuals to join our team.

What you'll be doing:

• Monitor, triage, analyse and investigate alerts, log data, and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks/security incidents.
• Categorise all suspected incidents in line with the Security Incident policy.
• Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information.
• Write high-quality security incident tickets using existing knowledge resources and independent research.
• Assist with remediation activities or support customer stakeholders to inhibit cyber-attacks, clean up IT systems, and secure networks against repeat attacks.
• Produce security incident review reports to present information about incidents and provide security improvement recommendations.
• Understand Threat Intelligence and its application in an operational environment.
• Conduct Threat Hunting to identify attacks that may not have been captured.
• Support incident response to national-scale incidents in a coaching capacity.
• Assist in the development and implementation of SOC Use Cases.
• Collaborate with other teams within NTT DATA to improve services based on customer needs.
• Prepare disaster recovery plans.

Skills and Experience:

• Ability to obtain SC Clearance or already hold SC clearance.
• Strong verbal and written English communication skills.
• Excellent interpersonal and presentation skills.
• Strong analytical skills.
• Expertise in TCP/IP network traffic and event log analysis.
• Hands-on experience with Microsoft Sentinel or similar SIEM tools.
• Administrative skills across multiple operating systems (Windows, OS X, Linux).
• Proficiency in shell scripting, creating Snort rules, or other log-searching query languages.
• Confidence in handling common security incidents independently.
• Good understanding of Vulnerability Scanning, Management, and Ethical Hacking (Penetration Testing).
• Knowledge of ITIL disciplines such as Incident, Problem, and Change Management.
• Ability to work with minimal supervision.
• Willingness to work in a 24/7 operations environment.

We’re a global business that empowers local teams, undertaking impactful work that changes the world. Our portfolio includes consulting, applications, cloud, and infrastructure services, enabling you to achieve great things alongside brilliant colleagues and clients.

Our inclusive environment fosters mutual respect, accountability, continuous learning, collaboration, well-being, growth, and agility. We are proud of our Diversity, Equity, and Inclusion initiatives, including various Employee Networks.

For more information on Diversity, Equity, and Inclusion, please visit: Creating Inclusion Together at NTT DATA UK | NTT DATA

We provide tailored benefits supporting your physical, emotional, and financial well-being. Our Learning and Development team offers continuous growth opportunities, and flexible work options are available.

Learn more about NTT DATA UK & Ireland at: https://uk.nttdata.com/

We are an equal opportunities employer committed to diversity and inclusion. We are a Disability Confident Employer, guaranteeing interviews for applicants with disabilities who meet minimum role requirements and offering reasonable adjustments during recruitment.