Tier 1 SOC Analyst - Cyber Threat Analysis Center

Job Location

Farnborough - UK

Monthly Salary

Not Disclosed

Vacancy

1 Vacancy

Job Description

Cyber Threat Analyst Roles and Responsibilities: Tier 1 Analyst (Junior Analyst)

* You must hold a UK passport only (due to the security clearance we can only accept single national status; 2nd passport holders, OCI & ILR candidates can't be accepted) and you must have been in the UK for the last 5 years. *

*This role is based onsite in DXC Erskine & DXC Farnborough; it covers a rotational 24x7 shift pattern*

** MUST have at least 6 months' working experience in SIEM technologies **

Job Description

The Tier 1 Cyber Security Analyst plays a critical role in the initial triage, monitoring and reporting of potential cyber threats within the Cyber Threat Analysis Centre (CTAC). Working under the guidance of more senior analysts, the Tier 1 Analyst will use their foundational knowledge of security information and event management (SIEM) solutions to support the security operations team. They will also be proficient in utilizing Kusto Query Language (KQL) for log analysis and gain experience using multiple ticketing systems to manage incidents effectively, ensuring that we adhere to our service level objectives.

Responsibilities:

Monitor and review security events across various SIEM platforms 24/7/365 to detect, triage and respond to security incidents.

Act as the first line of response for security incidents by identifying, validating and classifying potential threats, escalating to higher tiers when necessary.

Perform preliminary analysis on alerts to determine false positives and escalate confirmed incidents based on predefined criteria.

Create and manage incident tickets in the system to track incident status and facilitate accurate handovers between shifts.

Conduct and document formal handover/takeover procedures at the beginning and end of each shift to ensure continuity of operations.

Liaise with Tier 2 and Tier 3 Analysts for complex investigations, continuity briefs and updates on service status issues.

Follow and provide feedback on existing processes; identify and suggest improvements to streamline workflow efficiency.

Follow procedures to communicate and report incidents to appropriate team members and document incidents as per CTAC guidelines.

Work closely with other CTAC team members, contributing to a cooperative environment while assisting in the completion of assigned tasks.

Develop a foundational understanding of security event analysis from network traffic, host logs and other data sources to support incident identification and escalation.

Complete assigned tasks accurately and in a timely manner as directed by senior analysts or management.

Engage with available knowledge and training tools to maintain and improve technical skills, enhancing the ability to support CTAC operations effectively.

Tier 1 Analyst Roles and Responsibilities

Once comprehensive training has been completed, the L1 Analyst will assume shift lead duties in the absence of an L2 Analyst. They will be responsible for security monitoring, completion of all assigned tasks and ensuring a thorough handover at the end of the shift.

Knowledge and Skills

Understands and can explain foundational networking concepts, including IP addressing, basic network protocols and how traffic flows within a network.

Basic knowledge of Windows and Linux operating environments, including standard commands, file systems and user authentication mechanisms.

Competence in using SIEM for monitoring and log analysis; some exposure to additional analysis tools such as basic XDR platforms.

Able to demonstrate basic knowledge using Kusto Query Language (KQL) to search and filter logs effectively.

Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information.

Able to communicate clearly and efficiently with team members and stakeholders, both internally and externally, under direction from senior analysts.

Can communicate simple technical issues to non-technical individuals in a clear and understandable way.

Able to create concise, structured reports that outline findings from preliminary investigations and daily monitoring activities.

Able to manage personal workload effectively to ensure timely completion of assigned tasks within the SOC.

Willing to collaborate with team members, accepting guidance and learning from more experienced analysts.

Shows initiative in learning new technologies and techniques, leveraging internal resources and training to grow professionally.

Able to function efficiently during high-pressure situations, following procedures to ensure consistent performance in incident management.

Education and Professional Experience

A suitable background in IT and a sound understanding of networking, with at least one certification, along with an enthusiastic approach to IT.

Desirable

IT or security related certifications.

Experience in a SOC or SOC equivalent.

SC / DV clearance

Other Requirements

You will have to undertake SC and / or DV clearance with multiple agencies

Full Driving Licence

Fluent in written and spoken English

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. Information on employment scams is available here.


Required Experience:

IC

Employment Type

Full-Time
