NTT DATA North America

Senior SOC Analyst

NTT DATA North America, Merrifield, Virginia, US, 22118


Overview

Senior SOC Analyst role at NTT DATA North America in Merrifield, Virginia (US-VA), United States.

Job Summary

The Senior SOC Analyst is a key member of the 24/7/365 Security Operations Center, serving as the escalation point for advanced investigations, incident response, and proactive threat hunting. This role conducts higher-level analysis, performs deep forensic investigations, correlates multi-source threat intelligence, and guides containment and remediation strategies. The Senior SOC Analyst identifies and mitigates advanced threats across enterprise IT endpoints, cloud environments, and OT systems, leveraging frameworks such as MITRE ATT&CK to detect, disrupt, and prevent malicious activity. They work closely with the SOC manager and leads, mentor junior staff, help refine SOC processes, and ensure the organization maintains a strong cybersecurity posture. They collaborate with engineers, threat intelligence, and forensics teams to enhance detection capabilities, improve incident response readiness, and deliver actionable security insights to leadership.

Responsibilities

Lead advanced incident detection, investigation, and analysis efforts. Correlate SIEM, EDR, IDS/IPS, and firewall data to identify and analyze potential incidents. Perform deep-dive investigations to determine root cause, scope, and impact of incidents. Apply MITRE ATT&CK and other frameworks for adversary TTP identification. Conduct kill-chain and supply chain analysis to understand and counter threats.

Coordinate and direct complex incident response activities. Guide preparation, containment, eradication, and recovery actions with SOC, forensics, and engineering teams. Serve as the primary escalation point for high-impact or advanced incidents. Ensure incident handling aligns with established guidelines, response plans, and playbooks.

Conduct proactive threat hunting to identify emerging risks. Analyze telemetry, logs, and behavioral patterns for indicators of compromise or attack. Hunt for advanced persistent threats and undiscovered vulnerabilities. Use advanced queries in SOC cybersecurity tools to detect anomalous activity.

Work with forensic teams to ensure proper forensic collection, preservation, and analysis of digital evidence, and maintain chain-of-custody and evidence integrity. Extract and analyze relevant artifacts to support investigations and post-incident reviews; document and communicate findings to stakeholders.

Develop and enhance SOC processes, playbooks, and detection capabilities; refine detection rules, alert thresholds, and automation workflows in SIEM/SOAR and other tools. Create SOPs, knowledge base articles, and training materials for SOC staff; recommend and guide implementation of new tools.

Perform threat intelligence collection, analysis, and dissemination from internal, classified, and open-source feeds; provide actionable recommendations. Share threat information with SOC, leadership, and partner teams; mentor and train analysts to improve investigative capabilities. Provide real-time guidance during active incidents; conduct regular training sessions, tabletop exercises, and red/blue team drills.

Collaborate with stakeholders to strengthen overall cybersecurity posture; work with engineering, IT, and cloud teams to address vulnerabilities. Participate in tool evaluations and identify solutions that enhance SOC capabilities and reduce capability overlap. Support internal coordination with client sections, divisions, and external entities; maintain documentation and reporting for SOC operations. Record investigative steps, evidence, and incident timelines in case management systems; generate incident reports, trend analyses, and post-mortem summaries; provide executive-level briefings on security events and SOC performance.

Basic Qualifications

Master’s degree in Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science from an ABET-accredited or CAE-designated institution (educational requirement for this role). One-and-a-half (1.5) years of additional experience can substitute for one (1) year of a typical degree program. Minimum 8 years of experience in Information Technology (IT) and/or Information Security (IS). DoD 8140 certification for the respective area or ability to obtain within six (6) months of onboarding. Active Secret Security Clearance. Must be a US citizen living within commute distance of client sites in the DC Metro area.

Preferred Qualifications

Cyber Defense Analyst advanced certifications, including: CBROPS; CFR; CompTIA CySA+, Security+ CE, CASP+ CE; FITSP-O; SANS GCFA, GCIA, GDSA, GICSP; CCNA-Security, CCNP Security; CISSP (or associate), CCSP; CISA; SSCP; CND

About NTT DATA

NTT DATA is a $30 billion global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate and transform for long-term success. As a Global Top Employer, we have diverse experts in more than 50 countries with a robust partner ecosystem. Our services include consulting, data/AI, industry solutions, and the development, implementation, and management of applications, infrastructure, and connectivity. We are a leading provider of digital and AI infrastructure and part of NTT Group, investing in R&D to advance the digital future. Visit us at us.nttdata.com.

We hire locally when possible to provide timely, effective support. Remote or hybrid options may be available but are subject to client requirements. NTT DATA recruiters will never ask for payment or banking information and will only use official @nttdata domain emails. If asked for payment or banking details, contact us via the official site.

NTT DATA strives to ensure accessibility and offers assistance for applicants with accommodation needs. This contact information is for accommodation requests only and cannot be used to inquire about application status. NTT DATA is an equal opportunity employer. For our EEO policy and rights, and Pay Transparency information, please refer to the linked resources on the company site.