
Tier 1 Security Incident Response Control Center

  • Sofia, BULGARIA
  • Infra / Networks / Telecom

Job description



About DXC:

DXC Technology (NYSE: DXC) is the world’s leading independent, end-to-end IT services company, helping clients harness the power of innovation to thrive on change. Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology serves nearly 6,000 private and public sector clients across 70 countries. The company’s technology independence, global talent, and extensive partner alliance combine to deliver powerful next-generation IT services and solutions. DXC Technology is recognized among the best corporate citizens globally.

Role Description:

•    The position will report to the SIRCC Manager and is located in a follow-the-sun 24x7 operations environment with other team members and other shift workers in other locations.  
•    First point of contact for all DXC internal Security Incidents
•    Responsible for logging all reported incidents, performing the initial risk assessment and triage of the incident
•    Manage/coordinate incident responses for ‘low’ priority incidents and escalate to Tier 2/3 teams when the incident is a high priority/complex incident

Primary Responsibilities:

•    Receive input from various event sources, investigate it for unusual and potentially malicious behaviour that may indicate security incidents, and escalate any suspicious activity or anomalies to the Tier 2 SIRCC Analyst team.  
•    During security incidents, liaise with the Tier 2 SIRCC Analyst and Tier 3 Incident Coordinator teams to identify actions that can be completed by the Tier 1 team in relation to the incidents.  
•    Analyse and perform risk assessments on the potential impact to the business of threat and vulnerability information in the public domain.  Document the risk assessment, and escalate to the Tier 2 SIRCC Analyst team for peer review and publishing.
•    For low priority incidents (e.g. unsolicited bulk e-mail notifications, one-off or small numbers of known malware infections), coordinate the incident response by the various individuals and other stakeholders within the business.  
•    Document the results of security investigations and incidents in the appropriate ticketing systems.
•    Ensure that incident and event investigation data is correctly recorded for inclusion in regular reports. 
•    Receive escalations from various security SOC teams within the business, and investigate, follow-up on, and escalate to Tier 2 and Tier 3 SIRCC teams as appropriate. 
•    Using an established process, acquire malware samples for analysis by Tier 2 and Tier 3 SIRCC teams.  
•    Take ownership of documenting incidents, as part of the team contribution to the compilation of incident reports for final peer and management review, prior to release to the business.
•    Contribute to existing process and procedure documentation, and assist in creating new process and procedure documentation in response to dynamically changing threats, information security landscapes, and business requirements.
•    When required, mentor other Tier 1 SIRCC Operations team members.

Key Skills and Experience required:

•    Diploma or certification in Information Security or related discipline, or any of the following or similar related certifications: CCNA, CEH, OSCP, OPSA, eCPTT, Security+, GCIH or GSEC

•    Basic understanding of TCP/IP and common higher level protocols such as HTTP, HTTPS, SMTP, FTP, and so on.
•    Familiarity with e-mail products and protocols, including the ability to read mail header information.
•    Basic familiarity with network security devices, including firewalls, Intrusion Detection/Prevention Systems, proxies, and so on.
•    Understanding of network operating systems, how they communicate, and in particular familiarity with the Microsoft Windows line of Operating Systems.
•    Familiarity with malware products available on the market, how anti-malware software works, and how it is used in an Enterprise environment.
•    Familiarity with Windows event and system logs, and the ability to identify the anomalies and escalate them for additional investigation.
•    The ability to perform a basic analysis of log files from multiple different devices and environments (such as AV logs, IDS/IPS logs, etc.), and to identify unusual behaviour to be flagged for additional investigation.
•    Strong verbal and written English skills and the ability to communicate clearly on telephone calls, and via instant messaging.
•    Experience with multiple types of enterprise level anti-malware packages currently available.
•    Experience with Operating System security, administration, and logging in an enterprise environment.

In return, we offer:

• Great opportunity for professional development in the Security field
• Competitive remuneration package
• Medical insurance
• 4 days additional paid leave (total: 24 days)
• Food vouchers
• Life insurance
• Corporate badge program
