DXC Technology · 3 days ago
Cybersecurity Analyst - Tier 2
Responsibilities
The Tier 2 Information Security Analyst is responsible for the first line of security incident response in the client SIEM environment. The core responsibilities include the monitoring of client SIEM alerts in real-time, researching threat information, and escalating legitimate security incidents to the client. This position is also a technical escalation resource for the Tier 1 Information Security Analysts.
Tier 2 analysts provide a further in-depth analysis and focus on incident support and alert handling from Tier 1. They coordinate security monitoring findings with the Threat Intelligence team, vendor partners, and with specific points of contact to obtain a wider analysis of event data and its impact on designated environments.
Tier 2 analysts will utilize various meeting systems and telephone bridges to provide updates on attacks and advise clients on technical countermeasures. Tier 2 analysts will also perform a Root Cause Analysis of an attack. The investigation may continue for an extended period of time beyond the resolution of an incident to gather additional information, and coordinate with constituents to determine the event’s extent and severity.
Tier 2 monitoring functions:
+ Triage: In support of Tier 1 staff OR independently - review, assess and act. May be direct or part of an automated action.
+ Threshold Monitoring: Actively monitor indicators that are approaching security, service and/or compliance thresholds. Also includes recommendations on the ongoing establishment and adjustment of said thresholds.
+ Playbooks/Threat Analysis: Execute analysis process as required. Assist in the general maintenance and improvement of the process and/or playbooks.
+ Active Investigation/Cause Analysis (Who, What, When, Where, How): Initiation and follow-through to ensure quality forensic materials are captured. Participate in Root Cause Analysis if required.
+ Escalation: Maintain the escalation chain integrity and service levels.
Qualification
Required
2 – 4 years of relevant experience or equivalent combination of education, certifications, and work experience: undergraduate degree and 1-2 years of relevant experience
1 – 2 years of Information Technology experience with network technologies, specifically TCP/IP, and related network tools
Understanding of source code, hex, binary, regular expressions, etc.
Experience assisting the development and maintenance of tools, procedures, and documentation
Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
Experience with reviewing raw log files, data correlation, and analysis (i.e. firewall, network flow, IDS, system logs)
Experience using SIEM tools, ticketing systems, and performing cyber threat analysis
Preferred
Fixed 12-hour shifts, 2-2-3 schedule
Shifts are 3:00AM or 3:00PM
To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR), you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State.
Benefits
Health insurance
Dental insurance
Vision insurance
Employee wellness program
Life insurance
Disability insurance
Retirement savings plan
Paid holidays
Paid time off
Company
DXC Technology
DXC Technology is an IT and consulting services company that offers insurance software, security, and application development services.
Funding
Current Stage: Public Company
Total Funding: unknown
2017-04-03: IPO · nyse:DXC
Company data provided by crunchbase