CrawlJobs Logo

SOC Solutions Engineer - QRadar and Splunk

nttdata.com Logo

NTT DATA

Location Icon

Location:
United Kingdom , Birmingham

Category Icon
Category:
IT - Administration

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

Join a leading Managed Service Provider as a SOC Solutions Engineer specializing in QRadar and Splunk. Enhance security operations, develop incident response playbooks, and collaborate with teams to optimize threat detection strategies. Bring your expertise in SIEM platforms and a strong understanding of cybersecurity frameworks to make a significant impact.

Job Responsibility:

  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
  • Translate threat models into actionable detection use cases and SIEM rules
  • Prioritize detection engineering efforts based on risk and business impact
  • Generate reports and dashboards for stakeholders on security posture and incident trends
  • Work closely with IT, DevOps, and compliance teams to ensure secure system configurations
  • Provide mentorship and guidance to junior analysts and engineers
  • Maintain accurate and up-to-date documentation of security procedures, incident response plans, and analysis reports
  • Support the creation of monthly reporting packs as per contractual requirements
  • Create and document robust event and incident management processes, Runbooks & Playbooks
  • Involvement in scoping and standing up new solutions for new opportunities
  • Assisting Pre-Sales team with requirements on new opportunities
  • Demonstrations of SOC tools to clients
  • Continual Service Improvement - Recommendations for change to address incidents or persistent events

Requirements:

  • Must be able to obtain SC Clearance or already hold SC clearance
  • Hands-on experience of IBM QRadar
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
  • Good understanding on network traffic flows and able to understand normal and suspicious activities
  • Good understanding of Vulnerability Scanning and management as well as Ethical Hacking (Penetration Testing)
  • Knowledge of ITIL disciplines such as Incident, Problem and Change Management
  • Ability to work with minimal levels of supervision
  • Willingness to work in a job that involves 24/7 on call
  • Minimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment
  • Preferably holds Cyber Security Certification e.g. ISC2 CISSP, GIAC, SC-200, Splunk Certified Admin/Power User, IBM QRadar Certified Specialist, Google Chronicle Security Engineer etc
  • Experience with Service Now Security suite
  • Experience with Cloud platforms (AWS and/or Microsoft Azure)
  • Excellent knowledge of Microsoft Office products, especially Excel and Word
What we offer:
  • Range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Continuous growth and development opportunities
  • Flexible work options
  • Inclusive work environment
  • Range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network

Additional Information:

Job Posted:
January 26, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
NTT DATA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for SOC Solutions Engineer - QRadar and Splunk

Cyber Security Engineer

We are looking for someone dynamic who can quickly adapt to new challenges and f...
Location
Location
Portugal , Lisbon
Salary
Salary:
Not provided
miniclip.com Logo
Miniclip
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 1 year of experience in SOC or similar cybersecurity role with exposure to advanced threat detection and analysis
  • Background in Computer Science, Information Technology, or a related field
  • Proficiency in SIEM platforms (e.g., Sentinel, Splunk, QRadar) and writing custom correlation rules
  • Hands-on experience conducting: Technical Software Security Risk Assessments
  • Vulnerability Assessments in web and/or mobile applications, and Physical and Wireless penetration testing
  • Document and report incidents/assessments/findings
  • Understanding of cybersecurity standards and frameworks (e.g., ISO27001, NIST, NIS2, OWASP)
  • Availability for work outside of regular hours on short notice to handle emergencies
  • A social and hard-working candidate who thrives in a team environment and is passionate about their work
  • Solid understanding of cyber security best practices and frameworks
Job Responsibility
Job Responsibility
  • Incident handling: Identifying, triaging, and investigating potential security incidents
  • Systems Administration: Understanding system internals and implementing effective countermeasures and remediation strategies on different operating systems
  • Computer Forensic Analysis: Possessing a background in utilizing diverse forensic analysis tools during incident response investigations to assess the scope and depth of compromise
  • Vulnerability Assessment: Review and validate vulnerability reports collected by our systems working closely with cross-functional core/development teams to prioritize and facilitate the remediation of identified vulnerabilities in a timely manner
  • Reporting and documentation: Develop and maintain accurate records of all the incidents, vulnerability reports, assessments, remediation efforts, ensuring clear documentation of findings and resolutions
  • Awareness: Promote security awareness within the organization by conducting training sessions, sharing insights on emerging threats, and fostering a culture of security consciousness
  • Threat Hunting: Performing proactive threat hunting across the group
  • Physical Security: Availability to travel through our different studios to identify physical vulnerabilities and propose remediation measures
Read More
Arrow Right

Security Engineer

As a SOC Engineer at NTT DATA, you will play a crucial role in defending clients...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven hands-on experience with SIEM platforms such as Splunk, QRadar, Sentinel, Microsoft Defender, or Chronicle
  • Expertise with SIEM query languages (e.g., KQL, SPL, AQL) and strong knowledge of log normalization and parsing
  • Proficiency in scripting (e.g., Python, PowerShell) to automate tasks and build SOC efficiencies
  • Deep familiarity with cyber threat detection techniques related to frameworks like MITRE ATT&CK and vulnerability management
  • Experience managing ITIL processes, including Incident, Problem, and Change Management
  • CISSP, GIAC, SC-200, Splunk Power User/Admin, QRadar Specialist, or Chronicle Security Engineer certifications preferred
  • Candidates must be eligible to obtain UK SC clearance
  • Strong analytical and communication skills to present complex information to technical and non-technical stakeholders
  • Experienced in collaborative team dynamics and independent problem-solving
  • Proven ability to transfer knowledge and mentor junior SOC team members effectively
Job Responsibility
Job Responsibility
  • Deploy, configure, and maintain SIEM platforms such as Splunk, QRadar, Sentinel, and Chronicle to enable robust threat detection
  • Normalize and onboard diverse log sources from cloud and on-premises environments for seamless monitoring
  • Develop and continually refine SIEM rules and queries for use cases involving advanced threat behaviors and anomaly detection
  • Design and implement incident response playbooks for threats such as phishing, lateral movement, malware infections, and more
  • Integrate response automation into SOAR platforms (e.g., XSOAR, Azure Logic Apps), reducing response times and manual overhead
  • Use feedback from simulated incidents and threat intelligence to refine existing playbooks and workflows
  • Monitor security alerts for potential threats, investigate incidents, and coordinate cross-team response activities
  • Collaborate with threat intelligence teams to enhance detection logic and fine-tune resolution processes
  • Perform root-cause analysis (RCA) of recurring incidents and help define corrective actions to reduce future risks
  • Perform threat modeling using industry frameworks such as MITRE ATT&CK, STRIDE, or the Cyber Kill Chain
What we offer
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options
Read More
Arrow Right

Senior SOC Analyst

The Senior SOC Analyst will play a crucial role in enhancing security operations...
Location
Location
United Kingdom , Birmingham
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Must be able to obtain SC Clearance or already hold SC clearance
  • SIEM Expertise: Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
Job Responsibility
Job Responsibility
  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
What we offer
What we offer
  • We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing
  • Our Learning and Development team ensure that there are continuous growth and development opportunities for our people
  • We also offer the opportunity to have flexible work options
Read More
Arrow Right

SOC Analyst L3

The primary function of the Tier 3 Analyst is to enhance our security operations...
Location
Location
Belgium , Diegem
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 3 to 5 years of experience in the IT security industry, preferably working in a SOC/NOC environment
  • Hands-on experience with at least two of the following: Splunk, IBM QRadar, Microsoft Defender for Endpoint, Microsoft Sentinel, Google Chronicle
  • Strong knowledge of log formats, parsing, and normalization
  • Experience with KQL, SPL, AQL, or other SIEM query languages
  • Familiarity with scripting (Python, PowerShell) for automation and enrichment
  • Deep understanding of threat detection, incident response, and cyber kill chain
  • Familiarity with MITRE ATT&CK, NIST, and CIS frameworks
  • Strong verbal and written English communication
  • Strong interpersonal and presentation skills
  • Strong analytical skills
Job Responsibility
Job Responsibility
  • Deploy, configure, and maintain SIEM platforms (Splunk, QRadar, Sentinel, Defender, Chronicle)
  • Onboard and normalize log sources across cloud and on-prem environments
  • Develop and optimize analytical rules for threat detection, anomaly detection, and behavioural analysis
  • Design and implement incident response playbooks for various threat scenarios (e.g., phishing, lateral movement, data exfiltration)
  • Integrate playbooks with SOAR platforms (e.g., Microsoft Logic Apps, XSOAR) to automate triage and response
  • Continuously refine playbooks based on threat intelligence and incident feedback
  • Monitor and analyse security alerts and events to identify potential threats
  • Perform in-depth investigations and coordinate incident response activities
  • Collaborate with threat intelligence teams to enrich detection logic
  • Conduct threat modelling exercises using frameworks like MITRE ATT&CK, STRIDE, or Kill Chain
  • Fulltime
Read More
Arrow Right
New

Senior SOC Analyst

In Cyclad we work with top international IT companies in order to boost their po...
Location
Location
Salary
Salary:
Not provided
cyclad.pl Logo
Cyclad Sp. z o.o.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in a SOC or cybersecurity operations role
  • Strong experience with SIEM platforms (e.g., Splunk, IBM QRadar, Microsoft Sentinel)
  • Hands-on experience with EDR/XDR solutions (e.g., CrowdStrike, Microsoft Defender, SentinelOne)
  • Solid understanding of network protocols, system logs, and security event analysis
  • Experience with threat intelligence platforms and frameworks (e.g., MITRE ATT&CK)
  • Proficiency in analyzing logs from Windows, Linux, and cloud environments
  • Familiarity with scripting (e.g., Python, PowerShell) for automation and analysis
  • Strong analytical, problem-solving, and decision-making skills
  • Fluent English, both written and spoken
Job Responsibility
Job Responsibility
  • Monitor, analyze, and respond to security events and incidents using SIEM and other security tools
  • Lead incident response activities, including investigation, containment, eradication, and recovery
  • Perform advanced threat hunting and detection engineering
  • Develop and tune detection rules and use cases to improve SOC effectiveness
  • Analyze malware, phishing campaigns, and emerging threats
  • Coordinate with IT, engineering, and external stakeholders during security incidents
  • Mentor and support junior SOC analysts
  • Create and maintain incident response playbooks and documentation
  • Participate in on-call rotation and handle escalated security alerts
  • Ensure compliance with internal policies and industry standards
What we offer
What we offer
  • Private medical care with dental care (covering 70% of costs)
  • Family package option possible
  • Multisport card (also for an accompanying person)
  • Life insurance
  • Work with talented engineers on large-scale, technically challenging projects
  • Fulltime
Read More
Arrow Right

Professional Services Staff Consultant

As a Senior Consultant for SOC Transformation & XSIAM / XSOAR Deployment, you wi...
Location
Location
Spain , Madrid
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record in modernizing and transforming Security Operations Centers (SOCs) to achieve automation, AI-driven detection, and measurable improvements in MTTD/MTTR
  • Exceptional executive presence, with strong verbal and written communication skills to engage with stakeholders from the SOC analyst to the CISO
  • Experience acting as a trusted advisor to senior security leaders
  • Ability to diagnose challenges and deliver strategic recommendations
  • 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Ability to conceive, architect, and develop effective correlation and detection rules
  • Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus
  • Strong expertise in Regular Expressions (Regex)
Job Responsibility
Job Responsibility
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
  • Identify opportunities to enhance analyst alert handling and response through automation
  • Transform ambiguity into structured action plans, driving accountability at every level of a customer engagement
  • Build and mentor high-performing professional services teams that blend consulting, engineering, and change management expertise
  • Partner with Product and R&D teams to incorporate field insights into roadmap priorities
  • Fulltime
Read More
Arrow Right

Professional Services Staff Consultant

As a Senior Consultant for SOC Transformation & XSIAM / XSOAR Deployment, you wi...
Location
Location
France , Paris
Salary
Salary:
Not provided
paloaltonetworks.com Logo
Palo Alto Networks
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record - modernizing and transforming Security Operations Centers (SOCs) to achieve AUTOMATION, AI-driven detection, and measurable improvements in MTTD/MTTR
  • Exceptional executive presence, with strong verbal and written communication skills to engage with stakeholders from the SOC analyst to the CISO
  • Experience acting as a trusted advisor to senior security leaders
  • Ability to diagnose challenges and deliver strategic recommendations
  • 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Ability to conceive, architect, and develop effective correlation and detection rules
  • Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus
  • Strong expertise in Regular Expressions (Regex)
Job Responsibility
Job Responsibility
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
  • Identify opportunities to enhance analyst alert handling and response through automation
  • Transform ambiguity into structured action plans, driving accountability at every level of a customer engagement
  • Build and mentor high-performing professional services teams that blend consulting, engineering, and change management expertise
  • Partner with Product and R&D teams to incorporate field insights into roadmap priorities
Read More
Arrow Right

Senior Professional Services Consultant - Automation

As a Senior Consultant for SOC Transformation & XSIAM / XSOAR Deployment, you wi...
Location
Location
Spain , Madrid
Salary
Salary:
Not provided
paloaltonetworks.it Logo
Palo Alto Networks Italia
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • A proven track record in modernizing and transforming Security Operations Centers (SOCs) to achieve automation, AI-driven detection, and measurable improvements in MTTD/MTTR
  • Exceptional executive presence, with strong verbal and written communication skills to engage with stakeholders from the SOC analyst to the CISO
  • Experience acting as a trusted advisor to senior security leaders
  • Ability to diagnose challenges and deliver strategic recommendations
  • 10+ years of hands-on experience in deploying and integrating SIEM/security analytics solutions within large enterprise environments
  • 8+ years of experience with Security Operations Center (SOC) tooling, processes, and workflows
  • Hands-on technical mastery across SIEM, SOAR, EDR, cloud security, and threat intelligence
  • Ability to conceive, architect, and develop effective correlation and detection rules
  • Familiarity with a range of SIEM technologies, such as Splunk and IBM QRadar, is a plus
  • Strong expertise in Regular Expressions (Regex)
Job Responsibility
Job Responsibility
  • Serve as the lead strategic advisor and subject matter expert for customers undertaking a full-scale SOC modernization with XSIAM
  • Lead multi-national SOC transformation programs, consolidating fragmented detection and response processes into a unified, AI-driven platform
  • Direct enterprise-scale XSIAM deployments, guiding customers from initial strategy to full operationalization
  • Devise and oversee comprehensive log ingestion strategies to ensure high-quality data fuels the XSIAM platform
  • Architect and implement sophisticated detection strategies and correlation rules to fortify customer defenses against advanced threats
  • Fine-tune and optimize log sources and correlation rules to maximize system performance and detection efficacy
  • Identify opportunities to enhance analyst alert handling and response through automation
  • Transform ambiguity into structured action plans, driving accountability at every level of a customer engagement
  • Build and mentor high-performing professional services teams that blend consulting, engineering, and change management expertise
  • Partner with Product and R&D teams to incorporate field insights into roadmap priorities
  • Fulltime
Read More
Arrow Right