SOC Analyst L1
| Posting date: | 06 August 2025 |
|---|---|
| Salary: | Not specified |
| Additional salary information: | Competitive Salary Depending On Experience |
| Hours: | Full time |
| Closing date: | 05 September 2025 |
| Location: | Birmingham, West Midlands |
| Remote working: | Hybrid - work remotely up to 2 days per week |
| Company: | NTT Data |
| Job type: | Permanent |
| Job reference: |
Summary
The team you'll be working with:
SOC Analyst (L1)
We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business.
This role will be based on-site in Birminham, we need canddiates that are able to work in a job that involves 24/7 operations, this will probably be inshift patterns of 4 days on, 4 days off.
About Us
NTT DATA is one of the world’s largest Global Security services providers with over 7500 Security SMEs and Integration partner to many of the worlds most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.
This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.
What you'll be doing:
What you will be doing;
The primary function of the SOC Analyst (L1) is to analyse any incidents and undertake the detailed investigation of the Security Event. The role is a ‘hands-on’ shift-based roles, working as part of a 24/7 operation working in a standard rotation shift pattern. They are responsible for utilising the SOC’s SIEM and SOAR toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks.
Main Duties
Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks / security incidents.
Categorise all suspected incidents in line with the Security Incident policy
Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information.
Write up high quality security incident tickets using a combination of existing knowledge resources and independent research.
Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks.
Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review.
Understand Threat Intelligence and its use in an operational environment
Threat Hunting and the ability to look for attacks that may not have been captured
Support incident response to national scale incidents in a coaching capacity
Support in the development and implementation of SOC Use Cases
Work with other teams within NTT DATA to improve services on the basis of customer needs
Preparing disaster recovery plans.
What experience you'll bring:
What you'll bring;
Willingness to work in a job that involves 24/7 operations onsite in Birmingham, this will probably be 4 days on, 4 days off.
Preferably be able to obtain SC Clearance or already hold SC clearance.
Strong verbal and written English communication.
Strong interpersonal and presentation skills.
Strong analytical skills
Must have expertise on TCP/IP network traffic and event log analysis.
Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool).
Must have administrative skills in several operating systems, such as Windows, OS X, and Linux
Must be proficient in basic shell scripting, creating Snort rules, or other log-searching query languages and methods.
Must be confident to handle common security incidents independently.
Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing)
Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
Ability to work with minimal levels of supervision.
Education Requirements & Experience
Minimum of 2 to 3 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
Preferably holds Cyber Security Certification e.g. ISC2 CC, EPQ
Experience with Cloud platforms (AWS and/or Microsoft Azure)
Excellent knowledge of Microsoft Office products, especially Excel and Word
Reports to
Security Director – NTT DATA UK Security Practice
Client Delivery Director – NTT DATA UK Managed Services
SOC Analyst (L1)
We are currently recruiting for an Associate level Managed Detection and Response SOC Analyst Level 1 to join our growing Security Operations Centre business.
This role will be based on-site in Birminham, we need canddiates that are able to work in a job that involves 24/7 operations, this will probably be inshift patterns of 4 days on, 4 days off.
About Us
NTT DATA is one of the world’s largest Global Security services providers with over 7500 Security SMEs and Integration partner to many of the worlds most recognised Security Technology providers. We strive to hire exceptional, innovative, and passionate individuals who want to grow with us. In a constantly changing world, we work together with our people, clients and communities to enable them to fulfil their potential to do great things. We believe that by bringing everyone together, we can solve problems using innovative technology that can create a world that is sustainable and secure.
This is a great opportunity for you to play a pivotal role in helping to shape our client’s transformation journeys.
What you'll be doing:
What you will be doing;
The primary function of the SOC Analyst (L1) is to analyse any incidents and undertake the detailed investigation of the Security Event. The role is a ‘hands-on’ shift-based roles, working as part of a 24/7 operation working in a standard rotation shift pattern. They are responsible for utilising the SOC’s SIEM and SOAR toolsets to detect and investigate potential Security and Service Incidents occurring within the monitored networks.
Main Duties
Monitor, triage, analyse and investigate alerts, log data and network traffic using the Protective Monitoring platform and Internet resources to identify cyber-attacks / security incidents.
Categorise all suspected incidents in line with the Security Incident policy
Recognise potential, successful, and unsuccessful intrusion attempts and compromises through reviews and further analysis of relevant event detail and incident summary information.
Write up high quality security incident tickets using a combination of existing knowledge resources and independent research.
Assist with remediation activities (or support customer stakeholders) to inhibit cyber-attacks, clean up IT systems and secure networks against repeat attacks.
Produce security incident review reports to present information about the security incident and provide security improvement recommendations based on the security incident review.
Understand Threat Intelligence and its use in an operational environment
Threat Hunting and the ability to look for attacks that may not have been captured
Support incident response to national scale incidents in a coaching capacity
Support in the development and implementation of SOC Use Cases
Work with other teams within NTT DATA to improve services on the basis of customer needs
Preparing disaster recovery plans.
What experience you'll bring:
What you'll bring;
Willingness to work in a job that involves 24/7 operations onsite in Birmingham, this will probably be 4 days on, 4 days off.
Preferably be able to obtain SC Clearance or already hold SC clearance.
Strong verbal and written English communication.
Strong interpersonal and presentation skills.
Strong analytical skills
Must have expertise on TCP/IP network traffic and event log analysis.
Must have knowledge and hands-on experience of Microsoft Sentinel (or any SIEM tool).
Must have administrative skills in several operating systems, such as Windows, OS X, and Linux
Must be proficient in basic shell scripting, creating Snort rules, or other log-searching query languages and methods.
Must be confident to handle common security incidents independently.
Must have good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing)
Knowledge of ITIL disciplines such as Incident, Problem and Change Management.
Ability to work with minimal levels of supervision.
Education Requirements & Experience
Minimum of 2 to 3 years of experience in the IT security industry, preferably working in a SOC/NOC environment.
Preferably holds Cyber Security Certification e.g. ISC2 CC, EPQ
Experience with Cloud platforms (AWS and/or Microsoft Azure)
Excellent knowledge of Microsoft Office products, especially Excel and Word
Reports to
Security Director – NTT DATA UK Security Practice
Client Delivery Director – NTT DATA UK Managed Services
Proud member of the Disability Confident employer scheme
Disability Confident
About Disability Confident
A Disability Confident employer will generally offer an interview to any applicant that declares they have a disability and meets the minimum criteria for the job as defined by the employer. It is important to note that in certain recruitment situations such as high-volume, seasonal and high-peak times, the employer may wish to limit the overall numbers of interviews offered to both disabled people and non-disabled people. For more details please go to Disability Confident.