Job Description:
Job scope/summary:
Security Information Response Control Center (SIRCC) Analyst position is responsible for the receipt, logging, analysis, and ongoing management of reported security incidents, with a focus on identifying, tracking, and responding to both internal and external security threats in accordance with established procedures.
Job specifics/responsibilities:
- Analyze and perform risk assessments on the potential impact to the business of security events/incidents.
- Coordinating the response to security incidents by the technical groups within the business, including communication with subject matter experts and between business units, directing technical resources, follow-up on tasks assigned by management to business units, and working with technical resources to complete actions if required.
- Ensuring that significant security incidents are reported clearly and concisely management in a reasonable time frame.
- Initial monitoring and analysis of the output from security devices such as Intrusion Prevention Systems, malware alerts, firewall logs, proxy logs, system logs, and so on.
- Perform behavioral analysis of malware samples in a controlled environment, document the results, and provide the samples and documentation to a reverse engineering team.
- Compiling, reviewing, and submitting incident reports for final peer and management review, prior to release to the business.
- Research new vulnerabilities and security threats reported by external security entities, perform and document risk assessments as to the potential impact of said vulnerabilities and threats to the business. Communicate this information to management and other business units as appropriate.
- Contributing to existing process and procedure documentation, and assist in creating new process and procedure documentation in response to dynamically changing threats, information security landscapes, and business requirements.
Key deliverables/accountabilities:
- Tasks to be performed with the highest quality and according to predefined timelines
- Strictly follow DXC ITSM/ITIL processes and procedures
- Responding to major client security incidents.
Working relationships:
Internal:
- Other Internal Support Teams
- Security Officers
- Client Capability Leads
- Technical Owners
- Account Support Team members
- Technology Delivery Managers
- Service Delivery Managers
- Team Technology Leads
External:
Education (degree) and professional experience required:
- University Degree/Diploma in Computer Science, Computer Engineering, Electrical Engineering, Management Information Systems or equivalent certifications (CCNA,CHFI, CEH,CPT, CompTIA Security +, GCIH, GSEC).
- Minimum of 1+ years’ hands-on technical knowledge of analyzing event logs/system logs, from Windows Operating Systems, Unix/Linux Operating Systems, Cisco PIX/Switches/Routers, Wireshark/Ethereal network dumps.
- Good knowledge of IT Operations, infrastructure services support (Systems NT, UX, Storage, Backups, DB’s or Network management), security incident and security processes
- Excellent understanding of ITSM/ITIL processes
Other requirements:
- Fluent in English language
Personal skills and qualities:
- Strong analytical and critical thinking skills, with the ability to synthesize complex information.
- Excellent written and verbal communication skills, including report writing and presentation.
- Ability to learn new technologies, processes, and intelligence methodologies proactively.
- Understanding of network and endpoint security principles, as well as current threat and attack trends.
- Ability to contribute to technical deliverables and documentation for team and customer use.
- The ability to learn or develop new processes quickly in response to changes in business requirements and the Information Security landscape.
- The ability to think flexibly and “outside the box” and to communicate clearly while under pressure.
Technical skills:
- In-depth understanding of TCP, IP, and other lower level network protocols, as well as common higher-level protocols such as HTTP, HTTPS, SMTP, POP3, FTP, and so on, and the ability to analyze captures of network traffic.
- Familiarity with network security devices, including firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, and so on.
- Understanding of modern network operating systems, how they communicate, and familiarity with the Microsoft Windows line of Operating Systems.
- Strong understanding of the malware products available on the market, how anti-malware software works, and how it is used in an Enterprise environment.
- Basic knowledge about common types of Information Security threats, such as buffer overflows, cross site scripting, SQL injection, phishing, and other techniques used to compromise security.
- The ability to perform analysis of log files from multiple different devices and environments and identify indicators of security threats.
- Familiarity with Information Security practices and procedures, including investigative processes, and requirements for security audits such as SOX, SAS70, or ISO27001.
- The ability to perform independent research and analysis of security threats and issues using various available resources, and to document and report on the results.
- Basic programming or scripting skills.
- Familiarity with SIEM, EDR platforms, and network forensics.
At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.