
Tier 2 Security Incident Response Control Center Analyst

  • Sofia, BULGARIA
  • Infra / Networks / Telecom

Job description



About DXC:

DXC Technology (NYSE: DXC) is the world’s leading independent, end-to-end IT services company, helping clients harness the power of innovation to thrive on change. Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology serves nearly 6,000 private and public sector clients across 70 countries. The company’s technology independence, global talent, and extensive partner alliance combine to deliver powerful next-generation IT services and solutions. DXC Technology is recognized among the best corporate citizens globally.

Role Description:

•    The position will report to the SIRCC Manager and is located in a follow-the-sun 24x7 operations environment with other team members and other shift workers in other locations.  
•    Work directly with and support the Tier 1 Analysts as the first point of contact for all DXC internal Security Incidents.
•    Analyze and perform risk assessments on the potential impact to the business of security events/incidents.
•    Coordinate the response to security incidents by the technical groups within the business, including communication with subject matter experts and between business units, directing technical resources, following up on tasks assigned by management to business units, and working with technical resources to complete actions if required.

Primary Responsibilities:

•    Ensure that significant security incidents are reported clearly and concisely, and managed in a reasonable time frame.
•    Initial monitoring and analysis of the output from security devices such as IPS, malware alerts, firewall logs, proxy logs, system logs, and so on.
•    Perform behavioral analysis of malware samples in a controlled environment, document the results, and provide the samples and documentation to a reverse engineering team.
•    Compile, review, and submit incident reports for final peer and management review prior to release to the business.
•    Research new vulnerabilities and security threats reported by external security entities, and perform and document risk assessments of the potential impact of those vulnerabilities and threats to the business. Communicate this information to management and other business units as appropriate.
•    Contribute to existing process and procedure documentation, and assist in creating new process and procedure documentation in response to dynamically changing threats, information security landscapes, and business requirements.

Key Skills and Experience required:

Bachelor's degree in Information Security or a related discipline, or any of the following or similar related certifications: CCNA, CEH, OSCP, OPST, eCPTT, GCIH or GSEC

•    In-depth understanding of TCP, IP, and other lower level network protocols, as well as common higher level protocols such as HTTP, HTTPS, SMTP, POP3, FTP, and so on, and the ability to analyse captures of network traffic.
•    Familiarity with network security devices, including firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, and so on.
•    Understanding of modern network operating systems, how they communicate, and in particular familiarity with the Microsoft Windows line of Operating Systems.
•    Strong understanding of the malware products available on the market, how anti-malware software works, and how it is used in an Enterprise environment.
•    Basic knowledge about common types of Information Security threats, such as buffer overflows, cross site scripting, SQL injection, phishing, and other techniques used to compromise security.
•    The ability to perform analysis of log files from multiple different devices and environments, and identify indicators of security threats.
•    Familiarity with Information Security practices and procedures, including investigative processes, and requirements for security audits such as SOX, SAS 70, or ISO 27001.
•    Strong English writing skills, in particular the ability to communicate clearly with correct spelling, grammar, and sentence structure.
•    Understanding of, and experience using, Unix-style operating systems, such as Solaris, Linux, or BSD.
•    Experience with multiple types of enterprise level anti-malware packages currently available.
•    Experience with Operating System security, administration, and logging in an enterprise environment.
•    Experience with basic scripting languages such as bash, Python or PowerShell.
•    Previous experience writing technical documentation and/or process documentation.
•    Experience dealing with cybercrime and working in an environment that requires an investigative response when dealing with computer-based electronic evidence.
•    Bachelor's Honours project in Information Security.

In return, we offer:

• Great opportunity for professional development in the Security field
• Competitive remuneration package
• Medical insurance
• 4 days additional paid leave (total: 24 days)
• Food vouchers
• Life insurance
• Corporate badge program
