SIRCC Analyst

DXC Technology

Job Location:

Taguig - Philippines

Monthly Salary: Not Disclosed
Posted on: 3 days ago
Vacancies: 1 Vacancy

Job Summary

Job Description:

Job scope/summary:

The Security Information Response Control Center (SIRCC) Analyst position is responsible for the receipt, logging, analysis and ongoing management of reported security incidents, with a focus on identifying, tracking and responding to both internal and external security threats in accordance with established procedures.

Job specifics/responsibilities:

  • Analyze and perform risk assessments on the potential impact to the business of security events/incidents.
  • Coordinating the response to security incidents by the technical groups within the business, including communication with subject matter experts and between business units, directing technical resources, follow-up on tasks assigned by management to business units, and working with technical resources to complete actions if required.
  • Ensuring that significant security incidents are reported clearly and concisely to management in a reasonable time frame.
  • Initial monitoring and analysis of the output from security devices such as Intrusion Prevention Systems, malware alerts, firewall logs, proxy logs, system logs and so on.
  • Perform behavioral analysis of malware samples in a controlled environment, document the results, and provide the samples and documentation to a reverse engineering team.
  • Compiling, reviewing and submitting incident reports for final peer and management review prior to release to the business.
  • Research new vulnerabilities and security threats reported by external security entities, and perform and document risk assessments as to the potential impact of said vulnerabilities and threats to the business. Communicate this information to management and other business units as appropriate.
  • Contributing to existing process and procedure documentation and assisting in creating new process and procedure documentation in response to dynamically changing threats, information security landscapes and business requirements.

Key deliverables/accountabilities:

  • Tasks to be performed with the highest quality and according to predefined timelines
  • Strictly follow DXC ITSM/ITIL processes and procedures
  • Responding to major client security incidents.

Working relationships:

Internal:

  • Other Internal Support Teams
  • Security Officers
  • Client Capability Leads
  • Technical Owners
  • Account Support Team members
  • Technology Delivery Managers
  • Service Delivery Managers
  • Team Technology Leads

External:

  • DXC Partners and Clients

Education (degree) and professional experience required:

  • University Degree/Diploma in Computer Science, Computer Engineering, Electrical Engineering, Management Information Systems or equivalent certifications (CCNA, CHFI, CEH, CPT, CompTIA Security+, GCIH, GSEC).
  • Minimum of 1 year of hands-on technical knowledge of analyzing event logs/system logs from Windows Operating Systems, Unix/Linux Operating Systems, Cisco PIX/Switches/Routers, and Wireshark/Ethereal network dumps.
  • Good knowledge of IT Operations infrastructure services support (Systems, NT, UX, Storage, Backups, DBs or Network management), security incident and security processes
  • Excellent understanding of ITSM/ITIL processes

Other requirements:

  • Fluent in English language

Personal skills and qualities:

  • Strong analytical and critical thinking skills with the ability to synthesize complex information.
  • Excellent written and verbal communication skills, including report writing and presentation.
  • Ability to learn new technologies, processes and intelligence methodologies proactively.
  • Understanding of network and endpoint security principles as well as current threat and attack trends.
  • Ability to contribute to technical deliverables and documentation for team and customer use.
  • The ability to learn or develop new processes quickly in response to changes in business requirements and the Information Security landscape.
  • The ability to think flexibly and outside the box and to communicate clearly while under pressure.

Technical skills:

  • In-depth understanding of TCP, IP and other lower-level network protocols as well as common higher-level protocols such as HTTP, HTTPS, SMTP, POP3, FTP and so on, and the ability to analyze captures of network traffic.
  • Familiarity with network security devices including firewalls, Intrusion Prevention Systems, Intrusion Detection Systems and so on.
  • Understanding of modern network operating systems, how they communicate, and familiarity with the Microsoft Windows line of Operating Systems.
  • Strong understanding of the malware products available on the market, how anti-malware software works, and how it is used in an Enterprise environment.
  • Basic knowledge about common types of Information Security threats such as buffer overflows, cross site scripting, SQL injection, phishing and other techniques used to compromise security.
  • The ability to perform analysis of log files from multiple different devices and environments and identify indicators of security threats.
  • Familiarity with Information Security practices and procedures, including investigative processes and requirements for security audits such as SOX, SAS70 or ISO27001.
  • The ability to perform independent research and analysis of security threats and issues using various available resources and to document and report on the results.
  • Basic programming or scripting skills.
  • Familiarity with SIEM, EDR platforms and network forensics.

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles and life circumstances. We're committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services such as false websites or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.


Required Experience:

IC

Key Skills

  • ArcGIS
  • Intelligence Community Experience
  • GIS
  • Python
  • Computer Networking
  • Data Collection
  • Intelligence Experience
  • R
  • Relational Databases
  • Analysis Skills
  • Data Management
  • Application Development

About Company

Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology boasts a long and proud history of innovation, service and value. In 1959, computer analysts Roy Nutt and Fletcher Jones pooled $100 to form CSC, providing computer manufac ...
