3 of 3 Threat Detection Jobs in Staffordshire

The team you'll be working with: P3 Senior SOC Analyst (L3) We are currently recruiting a Senior SOC Analyst L3 Managed Detection and Responseto join our growing Security Operations Centre business. ThisrolewillbebasedonsiteinBirmingham,youwillneedtobewillingtoworkinshiftpatters,probably4dayson,4daysoff,asthisisa24/7securityoperationscentre. About Us NTT DATA is one of the world's largest Global Security services providers with over 7500 Security SMEs … from security incidents. Develop and maintain incident response plans, ensuring they align with industry best practices. Escalation management in the event of a security incident Follow major incident process Threat Intelligence: Stay abreast of the latest cybersecurity threats and vulnerabilities, integrating threat intelligence into security monitoring processes. Contribute to the development of threat intelligence feeds to enhance … proactive threat detection. Proactively hunt for threats within enterprise environments using SIEM and EDR solutions. Fine-tune SIEM detection rules, correlation alerts, and log sources to reduce false positives. Analyse threat intelligence feeds, map findings to MITRE ATT&CK framework, and provide actionable security recommendations. Collaborate with SOC teams to investigate alerts, escalate incidents, and improve detection More ❯

play a critical role in designing, developing, and maintaining our security information and event management (SIEM) system. Your focus will be on leveraging Elasticsearch and related technologies to enhance threat detection, incident response, and overall security posture. This role is hybrid (3 days in office) and can be based in one of the following offices: Birmingham, Manchester, Ipswich … you'll be doing SIEM Solution Development: Collaborate with security analysts and architects to design and implement SIEM solutions using Elasticsearch. Optimize SIEM rules, alerts, and dashboards for efficient threat detection. Collaborate effectively with others to drive forward key security objectives Presentation and documentation writing (to both technical and business audiences) Query Optimization and Performance Tuning: Write efficient Elasticsearch … informed about emerging threats and security best practices. Data Ingestion and Enrichment: Configure Elasticsearch pipelines for data ingestion from various sources, primarily from Kafka Enhance data enrichment by integrating threat intelligence feeds and contextual information. Keep abreast of relevant technologies in the area Reading, attending briefings and talks. Contribute to the running of your team. Knowledge-sharing, In team More ❯

technologies, ideally coming from an XSOAR background, and possessing strong experience across XDR and SIEM environments. This is a key role within our security operations function, focused on enhancing detection, automation, and response capabilities. *For this role you must be eligible for SC Clearance* Key Responsibilities Implement and configure Palo Alto Networks XSIAM to improve SOC efficiency and visibility … Design and manage security automation workflows, drawing from previous XSOAR experience Integrate and optimize XDR capabilities to support proactive threat detection Set up and maintain SIEM-style log ingestion, correlation rules, and enrichment pipelines Build custom dashboards and reporting tools for real-time security insights Troubleshoot complex issues related to XSIAM, XSOAR, and related integrations Ensure seamless integration … Clearance Desirable Qualifications Palo Alto certifications (PCNSE, XSIAM/XSOAR certifications highly preferred) Experience with cloud security platforms (AWS, Azure, GCP) Previous work in a SOC environment Exposure to threat hunting methodologies and tools This is a fantastic opportunity to work on the biggest XSIAM project in the UK working with cutting edge technology. My client are happy to More ❯