SOC Solutions Engineer
We are currently recruiting for a Senior Associate level Managed Detection and Response SOC Analyst Level 2 to join our growing Security Operations Centre business.
This is a hybrid variable position that can be based in our Birmingham or London offices
About Us:
NTT Data is a leading Managed Service Provider (MSP) with a global reach empowering local team, undertaking hugely exciting work and is genuinely changing the world.
We specialise in delivering cutting-edge IT and cybersecurity solutions to our diverse client base. We provide expert-managed services to help clients protect their data, comply with regulations, and manage evolving cyber threats. We are looking for a skilled Information Security Manager to join our team and be billed out to a key client to enhance their information security posture.
What you'll be doing:What you will be doing;
\tThe primary function of the Senior SOC Engineer is to enhance our security operations capabilities. This role requires deep expertise in SIEM platforms including Splunk, IBM QRadar, Microsoft Defender, Microsoft Sentinel, and Google Chronicle, with a strong focus on playbook development, analytical rule creation, and threat modelling. You will be instrumental in building and optimizing our detection and response strategies.\t
SIEM Engineering & Management
\tDeploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle).\tOnboard and normalize log sources across cloud and on-prem environments.\tDevelop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis.\tPlaybook Development & Automation\t\t\tDesign and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration).\t\tIntegrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response.\t\tContinuously refine playbooks based on threat intelligence and incident feedback.\t\t\tThreat Detection & Response\t\t\tMonitor and analyse security alerts and events to identify potential threats.\t\tPerform in-depth investigations and coordinate incident response activities.\t\tCollaborate with threat intelligence teams to enrich detection logic.\t\t\tThreat Modelling & Use Case Development\t\t\tConduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain.\t\tTranslate threat models into actionable detection use cases and SIEM rules.\t\tPrioritize detection engineering efforts based on risk and business impact.\t\t\tReporting & Collaboration\t\t\tGenerate reports and dashboards for stakeholders on security posture and incident trends.\t\tWork closely with IT, DevOps, and compliance teams to ensure secure system configurations.\t\tProvide mentorship and guidance to junior analysts and engineers.\t\tMaintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports.\t\tSupport the creation of monthly reporting packs as per contractual requirements.\t\tCreate and document robust event and incident management processes, Runbooks & Playbooks\t\t\tOther responsibilities:\t\t\tInvolvement in scoping and standing up new solutions for new opportunities\t\tAssisting Pre-Sales team with requirements on new opportunities\t\tDemonstrations of SOC tools to clients\t\tContinual Service Improvement - Recommendations for change to address incidents or persistent events.\t\t What experience you'll bring:What you will bring;
\tMust be able to obtain SC Clearance or already hold SC clearance.\tSIEM Expertise: Hands-on experience with at least two of the following:\t\t\tSplunk\t\tIBM QRadar\t\tMicrosoft Defender for Endpoint\t\tMicrosoft Sentinel\t\tGoogle Chronicle\t\t\tTechnical Skills:\t\t\tStrong knowledge of log formats, parsing, and normalization.\t\tExperience with KQL, SPL, AQL, or other SIEM query languages.\t\tFamiliarity with scripting (Python, PowerShell) for automation and enrichment.\t\t\tSecurity Knowledge:\t\t\tDeep understanding of threat detection, incident response, and cyber kill chain.\t\tFamiliarity with MITRE ATT&CK, NIST, and CIS frameworks.\t\t\tStrong verbal and written English communication.\tStrong interpersonal and presentation skills.\tStrong analytical skills\tMust have good understanding on network traffic flows and able to understand normal and suspicious activities.\tMust have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing)\tKnowledge of ITIL disciplines such as Incident, Problem and Change Management.\tAbility to work with minimal levels of supervision.\tWillingness to work in a job that involves 24/7 on call.
Education Requirements & Experience
\tMinimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment.\tPreferably holds Cyber Security Certification e.g. ISC2 CISSP, GIAC, SC-200, Splunk Certified Admin/Power User, IBM QRadar Certified Specialist, Google Chronicle Security Engineer etc\tExperience with Service Now Security suite\tExperience with Cloud platforms (AWS and/or Microsoft Azure)\tExcellent knowledge of Microsoft Office products, especially Excel and WordReports to
\tSecurity Director – NTT DATA UK Security Practice\tClient Delivery Director – NTT DATA UK Managed Services Who we are:We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.
Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.
For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA
what we'll offer you:We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.
You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/
We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.