NTT DATA North America · 22 hours ago
Senior SOC Analyst
NTT DATA is a global innovator of business and technology services, and they are seeking a Senior SOC Analyst to join their Security Operations Center. This role involves leading advanced incident detection, conducting forensic investigations, and mentoring junior staff to enhance the organization's cybersecurity posture.
Consulting, Digital Marketing, Information Services, Information Technology, IT Management
Responsibilities
Lead advanced incident detection, investigation, and analysis efforts
Correlate SIEM, EDR, IDS/IPS, and firewall data to identify and analyze potential incidents
Perform deep-dive investigations to determine root cause, scope, and impact of incidents
Apply MITRE ATT&CK and other frameworks for adversary TTP identification
Conduct kill-chain and supply chain analysis to understand and counter threats
Coordinate and direct complex incident response activities
Guide preparation, identification, containment, eradication, and recovery actions in collaboration with SOC, forensics, and engineering teams
Serve as the primary escalation point for high-impact or advanced incidents
Ensure incident handling aligns with established guidelines, response plans, and playbooks
Conduct proactive threat hunting to identify emerging risks
Analyze telemetry, logs, and behavioral patterns for indicators of compromise or attack
Hunt for advanced persistent threats and undiscovered vulnerabilities
Use advanced queries in SOC cybersecurity tools to detect anomalous or suspicious activity
Work with forensic teams to ensure proper forensic collection, preservation, and analysis of digital evidence
Coordinate with forensics teams to ensure chain-of-custody and evidence integrity
Extract and analyze relevant artifacts to support investigations and post-incident reviews
Document and communicate forensic findings to stakeholders
Develop and enhance SOC processes, playbooks, and detection capabilities
Refine detection rules, alert thresholds, and automation workflows in SIEM/SOAR platforms and other cybersecurity tools
Create SOPs, knowledge base articles, and training materials for SOC staff
Recommend and guide implementation of new detection and analysis tools
Perform threat intelligence collection, analysis, and dissemination
Gather threat data from internal, classified, and open-source intelligence feeds
Analyze and contextualize intelligence to produce actionable recommendations
Share relevant threat information with SOC, leadership, and partner teams
Mentor and train SOC analysts to improve investigative capabilities and analytical thought process
Provide real-time guidance during active incidents
Conduct regular training sessions, tabletop exercises, and red/blue team drills
Validate analyst findings and provide feedback designed to provoke thought, improve accuracy, and increase investigative thoroughness
Collaborate with stakeholders to strengthen overall cybersecurity posture
Work with engineering, IT, and cloud teams to address identified vulnerabilities
Participate in tool evaluations, recommending solutions that enhance SOC capabilities and identify capability overlap
Support internal coordination with client sections, divisions, and external entities
Maintain documentation and reporting for SOC operations
Record investigative steps, evidence, and incident timelines in case management systems
Generate incident reports, trend analyses, and post-mortem summaries
Provide executive-level briefings on security events and SOC performance
Qualifications
Required
Master's degree in any of the following disciplines (Information Technology, Cybersecurity, Data Science, Information Systems, or Computer Science), from an ABET accredited or CAE designated institution fulfills the educational requirement for this WRC
One-and-one-half (1.5) years of additional experience can substitute for one (1) year of a typical degree program
Minimum 8 years of experience in Information Technology (IT) and/or Information Security (IS)
DoD 8140 certification for their respective area or the ability to obtain certification within six (6) months of onboarding
Active Secret Security Clearance
Must be a US Citizen who lives within a commutable distance to the client's sites in Arlington or Merrifield, VA
Preferred
Cyber Defense Analyst advanced certifications:
CBROPS
CFR
CompTIA: CySA+, Security+ CE, CASP+ CE
FITSP-O
SANS: GCFA, GCIA, GDSA, GICSP
CCNA-Security, CCNP Security
CISSP (or associate), CCSP
CISA
SSCP
CND
Company
NTT DATA North America
NTT DATA, Inc. is a trusted global innovator of business and technology services.
Funding
Current Stage
Late Stage
Company data provided by crunchbase