Security Incident Coordination Analyst
GB147 - GBR Virtual worker (GB147)
Full Time Entry-level / Junior Clearance required GBP 19K - 45K *
DXC Technology
DXC Technology helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds.
Job Description:
Roles and responsibilities
As part of the SIC Team, you will:
• Monitor security tooling, and conduct triage and analysis of any subsequent alerts, events and/or security incidents identified.
• Validate, verify and report protective or countermeasure solutions, both technical and administrative
• Co-ordinate and Investigate Security Incidents through to completion
• Work with other resolver groups to respond to and investigate security incidents.
• Monitor and manage functional mailboxes and respond to email enquiries from the account and clients.
• Monitor and manage security tickets queues.
• Review and raise security incidents in ticketing systems.
• Assist in the completion of security reporting to agreed timescales and quality
• Compile and present reports using Microsoft PowerPoint and Excel.
• Provision of Critical Incident Response Report and lessons learnt to key stakeholders.
• Deal with legal and law enforcement-related issues as required
• Periodically review security incidents to perform trend analysis, before making recommendations to the Security Delivery Lead for potential security improvements or sales opportunities
• Respond to incidents as per playbooks and Security Incident Management Process.
• Act as an advisor to the account concerning Critical Security Advisories, responding to DXC Threat Advisories, ModCerts, Carecert and other emergency patching advisories.
• Develop and maintain a critical vulnerability management system to effectively communicate with DXC clients when a “Zero Day” vulnerability is discovered e.g., SolarWinds
• Manage security information requests from the customer.
• Lead on complex and severe incidents when required and ensure that playbooks are updated or reviewed to ensure that any lessons learnt are documented and repeatable.
• Take responsibility for SIC Team processes and continually review them to ensure that they are current and up to date.
• Ensure that all obligations are covered off (for instance monthly reporting) to the agreed timescales and quality.
• Ensure that the Security Delivery Lead is informed of all relevant Security Incidents and Issues on the account.
• You will be required to provide standby (on-call) cover on an agreed rota to cover high severity/critical security incidents.
• There may be requirements to work flexible hours when required, e.g., 8am - 4pm or 10am to 6pm.
• Due to the nature of some of our clients a current security clearance is preferable, or willingness to attain security clearance.
Training
• Ensure that you perform any mandatory training in line with Enterprise / Practice requirements and deadlines
• To maintain a watching brief on threat actors and advanced persistent threats as well as continually reviewing zero-day exploits for potential issues
• Enthusiasm and desire to develop your skill and knowledge base
Person Specs
Essential:
• Possess experience of handling, responding to, and investigating cyber security incidents
• Possess good analytical skills.
• Experience of log analysis.
• Knowledge and experience of using Protective Monitoring Tools e.g., ArcSight, Tanium, McAfee, Symantec, MS Defender, Microsoft 365, Azure, and Azure Sentinel
• Threat and Vulnerability management experience.
• Experience of malware alert review
• Experience of working in SOCs, ticketing systems, and interacting with delivery capabilities
• Enthusiastic and committed approach with a track record of building strong, trusted base relationships with colleagues and stakeholders at all levels
• A sound working knowledge of security best practice and legislation affecting the security role
• Self-motivated and an ability to keep up to date with latest security threats and vulnerabilities and trends.
• Excellent communication, influencing, negotiating and engagement skills
• Possess good leadership skills when interacting with account delivery teams.
• Sound judgement and decision-making skills, with a ‘hands on’, problem solving approach, able to remain calm under pressure and own security incidents
• Ability to work to tight timescales.
• Ability to remain calm and focused in high pressure situations, identifying business resources essential to recovery.
• Experience of writing procedures and reports.
• Ability to work as part of a team, as well as independently.
Desirable:
• Recognized security qualification e.g., CISSP or CISM, or willingness to work towards obtaining accreditation.
• Security professional with a proven experience within the security industry, the public sector, or armed services.
• Knowledge of types and sources of tools and equipment required to adequately equip an Incident Response Team.
• Knowledge of forensic requirements for collecting and presenting evidence
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: ArcSight Azure CISM CISSP Clearance Exploits Incident response Log analysis Malware Monitoring Security Clearance Sentinel Vulnerabilities Vulnerability management
Perks/benefits: Flex hours Team events