Job Description

:

DXC Technology is a Fortune 500 global IT services leader. Our more than 130,000 people in 70- plus countries are entrusted by our customers to deliver what matters most. We use the power of technology to deliver mission-critical IT services across the Enterprise Technology Stack to drive business impact. DXC is an employer of choice with strong values, and fosters a culture of inclusion, belonging and corporate citizenship.

Responsibilities:

Utilize advanced technical background and experience to scrutinize and provide corrective analysis to escalated cyber security events from Tier 1 & 2 analysts distinguishing these events from benign activities and escalating confirmed incidents to the Incident Response Lead.

Provide in-depth cyber security analysis, and trending/correlation of large datasets such as logs, event data, and alerts from diverse network devices and applications within the enterprise to identify and troubleshoot specific cyber security incidents and make informed technical recommendations that enable remediation efficiently.

Proactively search through log, network, and system data to find and identify undetected threats.

Identify and ingest indicators of compromise (IOC\xe2\x80\x99s) (e.g., malicious IPs/URLs, etc.) into network security tools/applications to protect the clients network.

Quality-proof technical advisories and assessments prior to release from SOC.

Coordinate with and provide expert technical support to enterprise-wide technicians and staff to resolve confirmed incidents.

Report common and repeat problems, observed via trend analysis, to SOC management and propose process and technical improvements to improve the effectiveness and efficiency of alert notification and incident handling.

Formulate technical best-practice SOPs and Runbooks for SOC Analysts.

Respond to inbound requests via phone and other electronic means for technical assistance and resolve problems independently. Coordinate escalations with Service Delivery Lead and collaborate with internal technology teams to ensure timely resolution of issues.

Identifies, reports, and resolves security violations.

Skills and Qualifications:

At least 3-5 years of demonstrated operational experience as a cyber security analyst/engineer handling cyber security incidents and response in critical environments, and/or equivalent knowledge in areas such as: technical incident handling and analysis, intrusion detection, log analysis, penetration testing, vulnerability management

In-depth understanding of: current cyber security threats, attacks and countermeasures for adversarial activities such as network probing and scanning, distributed denial of service (DDoS), phishing, ransomware, botnets, command and control (C2) activity, etc.

In-depth hands-on experience analyzing and responding to security events and incidents with most of the following technologies and/or techniques: security information and event management, (SIEM) technologies, intrusion detection/prevention systems (IDS/IPS), network and host-based firewalls, network access control (NAC), data leak protection (DLP), database activity monitoring (DAM), web and email content filtering, vulnerability scanning tools, endpoint protection, secure coding, etc.

Strong communication, interpersonal, organizational, oral, and customer service skills.

Strong knowledge of TCP/IP protocols, services, and networking.

Knowledge of forensic analysis techniques for common operating systems.

Adept at proactive search, solicitation, and detailed analysis of threat intelligence (e.g., exploits, IOCs, hacking tools, vulnerabilities, threat actor TTPs) derived from open-source resources and external entities, to identify cyber security threats and derive countermeasures, not previously ingested into network security tools/applications (external & internal threat hunting)

Excellent ability to multi-task, prioritize, and manage time and tasks effectively.

Ability to work effectively in stressful situations.

Strong attention to detail.

Strong understanding of command line scripting and implementation (i.e., Python, PowerShell, Bash Shell)

Ability to write new content/searches/scripts (e.g., Splunk dashboards, Splunk ES alerts, QRadar, RSA Netwitness, SumoLogic, etc.)

Experience with tools such as Active Directory, Cisco IOS, MS Server, AMP, Splunk ES, SNORT, Yara, IronPort, and Firepower.

Strong understanding of networking (TCP Flags, TCP Handshake, IP addressing, Firewalls, Proxy, IDS, IPS)

Ability to perform NetFlow / packet capture (PCAP) analysis

Information Technology security related certifications such as but not limited to: CompTIA A+, Network+, Security+, Linux related certifications, Cisco CCNA, Microsoft Certified Azure Fundamentals, AWS Cloud Practitioner

Preferred Skills:

Certification desired - SANS GCIA, GCED, GPEN, GCIH or similar industry

Experience working with or in any of the following

Computer Incident Response Team CIRT

Computer Emergency Response Team CERT

Computer Security Incident Response Center CSIRC

Degree in Computer Science, Information Security or similar discipline

Our culture and benefits: DXC is committed to building better futures for our customers, colleagues, environment, and communities. We take care of each other and foster a culture of inclusion, belonging and corporate citizenship. We put this to action developing and implementing societal initiatives within our Social Impact Practice. #WeAreDXC

As an employer of choice, our \xe2\x80\x9cpeople first\xe2\x80\x9d philosophy means we offer competitive remuneration, benefits, training and career opportunities that reflect our commitment to improving the lives of our employees, and the communities in which we live and work. Some of these include;

• Extensive resources to support your onboarding and continual development including DXC University

• DXC Recognition, our global virtual platform that fosters a culture of appreciation and celebration with real-time reward and recognition \xe2\x80\xa2 We know that great people refer great people. We will reward you when you bring your friends and family to work at DXC

• More time to do the things you love with flexible leave options, including purchased leave

• Take time to give back with charitable and emergency services volunteer days

• Well-being matters to us and our Employee Assistance Program is there to support you and your family

How to apply & our commitment to you in return: If you would like to be part of a culture that drives innovation, delivers results, rewards performance and encourages ideas, then please press the "Apply Now" button to submit your resume.

In return, we agree to ensure a hiring process that is enjoyable, thorough, and fair. We strive to provide an environment that lets you thrive and show off the very best version of yourself, while learning about us at the same time.

Interviews and onboarding are conducted online, as part of us being a virtual-first company.

We are an Equal Opportunity Employer: DXC is proud to be an equal opportunity employer and we welcome submissions from people from all walks of life. We celebrate our diversity and recognise it is the unique contributions of our people that give us our edge. We stand by the \xe2\x80\x98bring your whole-self to work\xe2\x80\x99 philosophy. It is our inclusive culture that powers our results, and our company grows only if our people grow.

Accommodation of special needs for qualified candidates may be considered within the framework of the DXC Accommodation Policy. In addition, DXC Technology is committed to working with and providing reasonable accommodation to support qualified individuals with physical and mental disabilities

DXC Technology