Associate SOC Analyst, Security Operations (SecOps) – EMEA
Northern Trust
Job Description
About Northern Trust:
Northern Trust, a Fortune 500 company, is a globally recognized, award-winning financial institution that has been in continuous operation since 1889.
Northern Trust is proud to provide innovative financial services and guidance to the world’s most successful individuals, families, and institutions by remaining true to our enduring principles of service, expertise, and integrity. With more than 130 years of financial experience and over 22,000 partners, we serve the world’s most sophisticated clients using leading technology and exceptional service.
The Associate SOC Analyst, Security Operations (SecOps) – EMEA is an early‑career role within the Security Operations Centre (SOC), responsible for supporting the monitoring, detection, analysis, and initial response to cybersecurity threats and incidents impacting Northern Trust.
The role operates within a 24x7, follow‑the‑sun SOC model, working closely with SecOps worldwide to ensure timely, consistent, and compliant security monitoring and incident handling. This position is well‑suited for individuals seeking hands‑on, widely varied, and collaborative experience in enterprise cyber.
Ongoing training, mentoring, and exposure to real‑world security incidents are core components of the role.
Additional responsibilities include:
- Monitoring, analysing, and triaging security alerts generated by SOC tooling (e.g., SIEM, EDR, identity, email, and cloud security platforms).
- Performing initial investigation of alerts and suspicious activity using documented SOC playbooks and standard operating procedures.
- Determining alert validity, impact, and severity, and escalating confirmed or high‑risk incidents in line with defined SOC escalation paths.
- Supporting incident response activities by collecting evidence, validating indicators of compromise, and maintaining accurate investigation timelines.
- Executing approved containment or response actions when directed (e.g., user account containment, endpoint isolation, blocking malicious indicators).
- Maintaining high‑quality case documentation within SOC ticketing and case management systems.
- Participating in shift handovers to ensure continuity of monitoring and investigations across regions.
- Supporting detection quality activities, including alert validation, false‑positive analysis, and basic tuning tasks.
- Collaborating with IT, identity, cloud, and regional security stakeholders during investigations.
- Contributing to SOC operational metrics, reporting, and continuous improvement initiatives.
Required Skills & Qualifications
- A drive to develop a career path in Cyber Security.
- Foundational understanding of cybersecurity threats and attack types, including phishing, malware, credential compromise, and basic network attacks.
- Knowledge of networking concepts (TCP/IP, DNS, HTTP/S) and identity/authentication fundamentals.
- Familiarity with at least one SOC‑relevant security domain (endpoint, identity, email, network, or cloud security).
- Demonstrated ability to follow structured SOC investigation processes and document findings clearly and accurately.
- Basic querying or scripting skills (e.g., KQL, SQL, PowerShell, Python) are advantageous.
- Strong analytical mindset with attention to detail and an ability to prioritise alerts effectively.
- Clear written and verbal communication skills suitable for operational and incident‑related updates.
- Willingness and ability to work shift patterns as part of a 24x7 SOC environment.
- Strong sense of responsibility and ownership for assigned alerts and investigations.
- Curiosity and a continuous‑learning mindset, with openness to coaching and feedback.
- Demonstrated ability to remain calm, structured, and professional during high‑severity or time‑sensitive incidents.
Preferred Skills & Experience
- Exposure to SOC tooling such as SIEM platforms, EDR solutions, or cloud security monitoring tools.
- Experience working with incident, alert, or service‑management ticketing systems.
- Awareness of common attacker tactics, techniques, and procedures (TTPs) aligned to SOC investigations.
- Previous experience in a SOC or related areas such as IT operations/support is beneficial.
Education & Certifications
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline, or equivalent practical experience.
Working with Us:
As a Northern Trust partner, greater achievements await. You will be part of a flexible and collaborative work culture in an organization where financial strength and stability is an asset that emboldens us to explore new ideas.
Movement within the organization is encouraged, senior leaders are accessible, and you can take pride in working for a company committed to assisting the communities we serve! Join a workplace with a greater purpose.
We’d love to learn more about how your interests and experience could be a fit with one of the world’s most admired and sustainable companies! Build your career with us and apply today. #MadeForGreater
Reasonable accommodation
Northern Trust is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation for any part of the employment process, please email our HR Service Center at MyHRHelp@ntrs.com.
We hope you’re excited about the role and the opportunity to work with us. We value an inclusive workplace and understand flexibility means different things to different people.
Apply today and talk to us about your flexible working requirements and together we can achieve greater.