NCC Group Logo

NCC Group

Associate SOC Analyst

Posted 2 Days Ago
Be an Early Applicant
Hybrid
Manchester, Greater Manchester, England, GBR
Junior
Hybrid
Manchester, Greater Manchester, England, GBR
Junior
Monitor SIEM/IDS/ITSM alerts, perform initial triage and basic vulnerability analysis, escalate incidents to senior analysts, document incidents and playbooks, recommend remediation, and collaborate with analytic development and security engineering teams while being mentored.
The summary above was generated by AI
As an Associate Security Analyst, you will be the first line of defence in the Event Monitoring Centre, responsible for the initial triage of security alerts, basic vulnerability analysis and data loss prevention. Your primary role will be to monitor, analyse, and assess incoming alerts, identifying potential security incidents based on established criteria. You will escalate confirmed or suspicious threats to the R2 analysts, senior analysts, or the shift lead for further investigation and response. This role requires strong analytical skills, attention to detail, and the ability to follow escalation protocols to ensure swift and effective incident management. Ideal candidates will have a foundational understanding of cybersecurity principles, experience with SIEM tools, and a commitment to continuous learning in a fast-paced security environment. 
 
Due to being the initial contact for the triaging of alerts your expertise will directly support the analytic development by suggesting customer tuning rules to ensure the efficient running of the SOC. This role requires strong analytical skills, technical proficiency, and a commitment to continuous learning in a dynamic security environment.

Key Responsibilities
Threat Detection and Monitoring: 
  • Monitor the ITSM platform for new alerts, schemas and tickets 
  • Monitor the SIEM Logs, IDS Logs and Managed Intelligence sources. 
  • Identify potential threats, vulnerabilities, and indicators of compromise. 
  • Initiate escalation procedures to counteract potential threats and vulnerabilities. 
     
Incident Remediation and Documentation: 
  • Escalate to R2 analysts, Team Lead or senior analyst should further clarification or four eyes be required.  
  • Provide incident remediation and prevention recommendations to customers using established procedures and analyst experience. 
  • Document and adhere to security monitoring processes. 
  • Suggest process and procedure improvement based on working requirements to streamline processes.  
 
Customer Service and Escalation: 
  • Exceed customer expectations by always delivering exceptional customer service. 
  • Be the initial point of contact for alerts and schemas triaged.  
  • Contribute to the creation and maintenance of security documentation, including incident response playbooks, standard operating procedures, and knowledge base articles. 
 
Reporting and Continuous Improvement: 
  • Compile and review service-focused reports for effective communication. 
  • Contribute to the creation and maintenance of security documentation, including incident response playbooks, standard operating procedures, and knowledge base articles. 
  • Be susceptible to mentoring from senior analysts  
 
Threat Analysis and Collaboration: 
  • Contribute practical insights to the analysis of common security incidents. 
  • Maintain working relationships with the Analytic Development and Security Engineering teams. 
  • Collaborate with shift partners to provide a high quality of service. 

General Duties: 
  • Perform additional assigned duties as required. 
  • Flexibility to quickly learn and adapt to new security tools, technologies, and processes. 
  • Process Data Schema Review data loss prevention alerts 
  • Strong analytical and problem-solving skills. 
  • Good communication skills, both written and verbal. 
  • Ability to work collaboratively as part of a team. 
  • Keep up to date with latest emerging threats and APT groups. 
  • Ability to be mentored by senior analysts.  

Skills, Knowledge & Expertise
Minimum Requirements 
Network, Cloud and OS Knowledge: 
  • Understanding of common network protocols and tools. 
  • Understanding of Linux operating systems. 
  • Understanding of Content Delivery Networks 
  • Understanding of the CIA triad and how it interacts with security 
  • Understanding of cloud technologies – AWS, GCP, OCI 

Customer interaction: 
  • Experience with documenting both high level and technical customer facing information. 
  • Confidence providing critical/sensitive information accurately. 
  • Contacting key stakeholders during major incidents 

Incident Analysis and Response: 
  • Awareness of the MITRE ATT&CK framework 
  • Pedigree in performing in-depth analysis of security alerts. 
  • Assess customer impact through investigation and work with senior analysts for resolution. 
  • Basic understanding of Personal Identifiable Information 
  • Initiate escalation procedure for potential threats 
  • Ability to interpret threat priority against the cyber kill chain. 
  • Provide appropriate mitigation and remediation steps. 
 
Desirable Requirements 
Tooling 
  • Hands-on experience with Security Information and Event Management (SIEM) platforms preferably Splunk.  
  • Knowledge of cloud products and log events such as AWS, OCI, GCP.  
  • Knowledge of cloud vulnerability tools such as Wiz 
     
Desirable Certifications 
  • CompTIA Security+ 
  • CompTIA Network + 
  • Security Blue Team Level One 
  • AWS Cloud Practitioner 
  • MAD20 Att&ck Fundamentals  

Job Benefits
  • Flexible Working: Balance your work and personal life with our flexible working options.
  • Generous Holiday Allowance: Enjoy 25 days of holiday, plus bank holidays, with the option to buy up to 5 additional days of annual leave.
  • Medicash & Critical Illness Scheme
  • Financial & Investment Benefits: Enjoy peace of mind with our Pension, Life Assurance, and Share Save Scheme.
  • Community & Volunteering Programmes: Make a difference in your community with our volunteering opportunities.
  • Green Car Scheme: Drive green and save money with our eco-friendly car scheme.
  • Cycle Scheme: Stay fit and healthy with our cycle-to-work scheme.
  • Special Time Off: Take time off for those big moments in life, like getting married/entering into a civil partnership, becoming a grandparent, and welcoming home a new pet.
  • Family Planning: Benefit from our generous maternity and paternity leave, as well as time off and support for those undergoing fertility treatments.


About
We assess, develop and manage cyber threats across our increasingly connected society. We advise global technology, manufacturers, financial institutions, critical national infrastructure providers, retailers and governments on the best way to keep businesses, software and personal data safe.With our knowledge, experience and global footprint, we are best placed to help businesses identify, assess, mitigate & respond to the risks they face.We are passionate about making the Internet safer and revolutionising the way in which organisations think about cyber security.Headquartered in Manchester, UK, with over 35 offices across the world, NCC Group employs more than 2,000 people and is a trusted advisor to 15,000 clients worldwide.
HQ

NCC Group Manchester, England Office

Manchester, United Kingdom

NCC Group Manchester, England Office

XYZ, 2 Hardman Blvd, Manchester , Manchester, United Kingdom, M3 3AQ

Similar Jobs

2 Days Ago
Hybrid
Entry level
Entry level
Information Technology • Professional Services • Software • Cybersecurity
Monitor and triage security alerts in the Event Monitoring Centre, perform basic vulnerability and DLP analysis, escalate confirmed or suspicious incidents to senior analysts, document incidents and procedures, suggest tuning and process improvements, and collaborate with analytic development and security engineering. Provide customer-facing reporting and remediation recommendations while learning under senior mentorship.
Top Skills: AWSContent Delivery NetworksData Loss PreventionGCPIdsItsmLinuxMitre Att&CkOciSIEMSplunkWiz
2 Days Ago
Hybrid
Junior
Junior
Information Technology • Professional Services • Software • Cybersecurity
Monitor and triage security alerts from SIEM/IDS/ITSM, perform basic vulnerability and DLP analysis, escalate incidents to senior analysts, document incidents and playbooks, recommend remediation, and collaborate with analytic development and security engineering while receiving mentorship.
Top Skills: AWSDlpGCPIdsItsmLinuxMitre Att&CkOciSIEMSplunkWiz
42 Minutes Ago
Easy Apply
Hybrid
Easy Apply
Senior level
Senior level
Fintech • Information Technology • Payments • Productivity • Software • Travel • Automation
Drive product positioning and go-to-market for travel-focused SaaS products. Develop messaging, value props, and marketing materials; run market research and competitive analysis; partner with product, sales, enablement, and marketing to launch products, enable field teams, and optimize campaigns using data and AI.

What you need to know about the Manchester Tech Scene

Home to a £5 billion digital ecosystem, including MediaCity, which consists of major players like the BBC, ITV and Ericsson, Manchester is one of the U.K.'s top digital tech hubs, at the forefront of advancements in film, television and emerging sectors like as e-sports, while also fostering a community of professionals dedicated to pushing creative and technological boundaries.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account