Senior SOC Analyst

Req ID: 342354

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Senior SOC Analyst to join our team in Merrifield, Virginia (US-VA), United States (US).

Job Summary:

The Senior SOC Analyst is a key member of the 24/7/365 Security Operations Center, which serves as the escalation point for advanced investigations, incident response, and proactive threat hunting. This role conducts higher-level analysis than other analysts on the team. A senior SOC analyst performs deep forensic investigations, correlates multi-source threat intelligence information, and guides containment and remediation strategies. The Senior SOC Analyst identifies and mitigates advanced threats across enterprise IT endpoints, cloud environments, and OT systems. They leverage frameworks like the MITRE ATT&CK framework and others to detect, disrupt, and prevent malicious activity from occurring in the enterprise environment.

They work closely with the SOC manager and leads. They mentor junior staff, assist to refine SOC processes, and ensures the organization maintains a strong cybersecurity posture. They collaborate with engineers, threat intelligence and forensics teams to enhance detection capabilities, improve incident response readiness, and deliver actionable security insights to leadership.

Duties and Responsibilities:

1. Lead advanced incident detection, investigation, and analysis efforts.

2. Correlate SIEM, EDR, IDS/IPS, and firewall data to identify and analyze potential incidents.

3. Perform deep-dive investigations to determine root cause, scope, and impact of incidents.

4. Apply MITRE ATT&CK and other frameworks for adversary TTP identification.

5. Conduct kill-chain and supply chain analysis to understand and counter threats.

6. Coordinate and direct complex incident response activities.

7. Guide preparation, identification, containment, eradication, and recovery actions in collaboration with SOC, forensics, and engineering teams.

8. Serve as the primary escalation point for high-impact or advanced incidents.

9. Ensure incident handling aligns with established guidelines, response plans, and playbooks.

10. Conduct proactive threat hunting to identify emerging risks.

11. Analyze telemetry, logs, and behavioral patterns for indicators of compromise or attack.

12. Hunt for advanced persistent threats and undiscovered vulnerabilities.

13. Use advanced queries in SOC cybersecurity tools to detect anomalous or suspicious activity.

14. Work with forensic teams to ensure proper forensic collection, preservation, and analysis of digital evidence.

15. Coordinate with forensics teams to ensure chain-of-custody and evidence integrity.

16. Extract and analyze relevant artifacts to support investigations and post-incident reviews.

17. Document and communicate forensic findings to stakeholders.

18. Develop and enhance SOC processes, playbooks, and detection capabilities.

19. Refine detection rules, alert thresholds, and automation workflows in SIEM/SOAR platforms and other cybersecurity tools.

20. Create SOPs, knowledge base articles, and training materials for SOC staff.

21. Recommend and guide implementation of new detection and analysis tools.

22. Perform threat intelligence collection, analysis, and dissemination.

23. Gather threat data from internal, classified, and open-source intelligence feeds.

24. Analyze and contextualize intelligence to produce actionable recommendations.

25. Share relevant threat information with SOC, leadership, and partner teams.

26. Mentor and train SOC analysts to improve investigative capabilities and analytical thought process.

27. Provide real-time guidance during active incidents.

28. Conduct regular training sessions, tabletop exercises, and red/blue team drills.

29. Validate analyst findings and provide feedback to designed to provoke thought, improve accuracy, and investigative thoroughness.

30. Collaborate with stakeholders to strengthen overall cybersecurity posture.

31. Work with engineering, IT, and cloud teams to address identified vulnerabilities.

32. Participate in tool evaluations, recommending solutions that enhance SOC capabilities and identify capability overlap.

33. Support internal coordination with client sections, divisions, and external entities.

34. Maintain documentation and reporting for SOC operations.

35. Record investigative steps, evidence, and incident timelines in case management systems.

36. Generate incident reports, trend analyses, and post-mortem summaries.

37. Provide executive-level briefings on security events and SOC performance.

Basic Qualifications:

• Master's degree in any of the following disciplines (Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science), from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC.

• One-and-one- half (1.5) years of additional experience can substitute for one (1) year of a typical degree program.

• Minimum 8 years of experience in Information Technology (IT) and/or Information Security (IS).

• DoD 8140 certification for their respective area or the ability to obtain certification within six (6) months of onboarding.

• Active Secret Security Clearance

• Must be a US Citizen who lives within a commutable distance to the client's sites in Arlington or Merrifield, VA.

Preferred Qualifications:

• Cyber Defense Analyst advanced certifications:

• CBROPS

• CFR

• CompTIA: CySA+, Security + CE, CASP+CE

• FITSP-O

• SANS: GCFA, GCIA, GDSA, GICSP

• CCNA-Security, CCNP Security

• CISSP (or associate), CCSP

• CISA

• SSCP

• CND

About NTT DATA

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com (http://us.nttdata.com/en)

Whenever possible, we hire locally to NTT DATA offices or client sites. This ensures we can provide timely and effective support tailored to each client's needs. While many positions offer remote or hybrid work options, these arrangements are subject to change based on client requirements. For employees near an NTT DATA office or client site, in-office attendance may be required for meetings or events, depending on business needs. At NTT DATA, we are committed to staying flexible and meeting the evolving needs of both our clients and employees. NTT DATA recruiters will never ask for payment or banking information and will only use @nttdata.com, @nttdatafed.com and @talent.nttdataservices.com email addresses. If you are requested to provide payment or disclose banking information, please submit a contact us form, https://us.nttdata.com/en/contact-us .

NTT DATA endeavors to make https://us.nttdata.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at https://us.nttdata.com/en/contact-us . This contact information is for accommodation requests only and cannot be used to inquire about the status of applications. NTT DATA is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status. For our EEO Policy Statement, please click here (http://us.nttdata.com/en/compliance#eeos) . If you'd like more information on your EEO rights under the law, please click here (http://us.nttdata.com/en/compliance#know-your-rights) . For Pay Transparency information, please click here (http://us.nttdata.com/en/compliance#ppnp) .