Senior Security Analyst

Job Description:

About DXC Bulgaria  

We are DXC - a Fortune 500 global IT services leader. In Bulgaria, we are among the largest employers with over 4,000 employees working on the company's entire IT portfolio. We are flexible - we provide everything you need to comfortably work from home, but we also keep our offices open for collaboration, meetings, and building a strong team spirit. We tailor everyone’s development path to their individual interests through training and additional certifications.

Our experience and desire to grow, our mission, and our values ​​create an environment where ambitious people become successful at home. At home - in Bulgaria.

The Senior Security Analyst is an integral part of the Security Incident Response Process within the Intelligent Security Operations Center team. The primary function of the role will be to provide a technical escalation point during Security Incidents, establishing the extent of the threat, the business impacts and advising the most suitable course of action to contain and remedy the incident. Outside of the Incident Process the Senior Security Analyst is expected to maintain a good knowledge of the Current Threat Landscape, help enhance current techniques and identify new methods of detecting threats on our customers' networks. They must also demonstrate the ability to communicate effectively with the other key stakeholders in the incident process.

Daily challenges

• Perform detail analysis of events during the incident process, combining sound analytical skills with advanced knowledge of IT Security and Network Threats.

• Provide a containment strategy and remediation plan in order to resolve the security issue.

• Develop and maintain a strong relationship with the Client Security Teams.

• Perform daily follow up on all tickets that were not resolved by Security analysts

• Provide swift and accurate reactions during an ongoing security crisis situations identifying different type IoCs establishing mitigation/remediation plans.

• Follow training plans, requirements and schedules as outlined by the Technical Supervisor.

• Provide out of office hours on-call support and guidance to the junior team members.

• Full understanding of the Cyber Kill Chain methodology

• Escalation to Security support teams as needed.

• Alert tuning analysis proposal

• Alert suppression analysis proposal

 Key deliverables/accountabilities:

• Ongoing alert analysis and investigation activities to be performed according to SLAs and defined timelines

• Daily review on all ongoing incidents

eXperience and skills required

• Degree/Diploma in Computer Science, Computer Engineering, Electrical Engineering, Management Information Systems or equivalent certifications (MCSE, MCP, HP-UX, CCNA, CCNP, SNIA, SANS).

• Minimum of 2-3 years’ experience within IT Operations, security operations, infrastructure services support (Systems NT, UX, Backups, DB’s, IT Security or Network management), operations monitoring and end user support.

• Minimum of 2-3 years’ hands-on technical knowledge of the applicable technology platform that you will be responsible for: SIEM, Network management, Security and HP Open View Products. Must be able to demonstrate troubleshooting and problem solving skills.

• Fluent in written and verbal English

• ITIL Version 3 or above

• Security certification

Technical skills:

• Good analytical skills

• Strong interpersonal and security skills

• Good communication skills and customer centric focus - ability to communicate clearly and in a timely manner with all customers, partners and users, internal and external

• Team player. Ability to collaborate and cooperate with members of team and members of other teams

• Understanding of 24x7 mission critical enterprise computing environments and the impact of service disruption on a company’s bottom line

• Ability to pro-actively learn new technology, processes and other skills

• Able to pro-actively search for solutions from knowledge bases, support documentation and other information.

• Keen interest in continual learning and professional development

• Time management skills and ability to multi-task and prioritize assigned tasks, problems and requests in a high pressure environment

• Flexible, self-motivated with the ability to work under pressure in an international and culturally diverse organization

• Intrusion Detection System

• Proxy Support

• Security Client Support

• Security Devices Administration

• Security Server Compliance Monitoring & Reporting

• Security Training

• Wireshark

• SIEM tools such as MS Sentinel, ArcSight, Q Radar,LogLogic & Envison

• Linux

Company benefits

• Competitive remuneration package

• Additional Medical & Life insurance

• 4 days additional paid leave (total: 24 days)

• The possibility to work entirely remotely

• Food vouchers

• Training, continuous learning and career development in the largest IT company on the market

• Unlimited access courses from a bunch of external partners for the best learner's experience (e.g., LinkedIn Learning, Udemy)

• Access to a foreign language learning platform

• Stable employment in an international company

• Advancement opportunities within the organization (a variety of interesting projects with the array of technologies and tools)

• Flexibility in work arrangement (hybrid or fully remote work, the home office culture is in our DNA)

• Workplace equipment to organize your home office (e.g., chair, desk, additional monitor, headset etc.)

• DXC Partner courses and certifications (Microsoft, SAP, ServiceNow, AWS, Google, Dell Technologies, IBM, Micro Focus, Salesforce, Red Hat, VMware, Workday)

• Employee Referral Program - a financial bonus for the referrer for successful candidate recommendation

• Employee Recognition Program with points assigned by colleagues for the recognized employees (exchangeable for prizes)

• Employee Assistance Program (providing 24/7 support for employees and their families in difficult life situations)

• Opportunity to join our numerous charity and ecology-related events organized by our Employee Ambassadors team

We Deliver eXcellence for our Customers and colleagues every day. Our values form the foundation of everything we do and every decision we make.

If you feel comfortable with the above-mentioned requirements, please send us your CV in English. We continue with stay-at-home recruiting and video interviewing for the foreseeable future.

Please note only shortlisted candidates will be contacted.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.