Cybersecurity Analyst - Tier 2
USA DE Home based (CSC Location)
Job Description:
DXC Technology (NYSE: DXC) helps global companies run their mission critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds. The world’s largest companies and public sector organizations trust DXC to deploy services across the Enterprise Technology Stack to drive new levels of performance, competitiveness, and customer experience. Learn more about how we deliver excellence for our customers and colleagues at DXC.com.
Our DXC Security services help customers assess risk and proactively address all facets of their security environment, from threat intelligence to compliance. We leverage proven methodologies, intelligent automation and industry-leading partners to tailor security solutions to our customers' unique business needs.
Essential Job Functions:
- The Tier 2 Information Security Analyst is responsible for the first line of security incident response in the client SIEM environment. The core responsibilities include the monitoring of client SIEM alerts in real-time, researching threat information, and escalating legitimate security incidents to the client. This position is also a technical escalation resource for the Tier I Information Security Analysts.
- Tier 2 analysts provide further in-depth analysis and focus on incident support and alert handling from Tier 1. They coordinate security monitoring findings with the Threat Intelligence team, vendor partners, and with specific points of contact to obtain a wider analysis of event data and its impact on designated environments.
- Tier 2 analysts will utilize various meeting systems and telephone bridges to provide updates on attacks and advise clients on technical countermeasures. Tier 2 analysts will also perform a Root Cause Analysis of an attack. The investigation may continue for an extended period of time beyond the resolution of an incident to gather additional information, and coordinate with constituents to determine the event’s extent and severity.
- Tier 2 monitoring functions:
- Triage: In support of Tier 1 staff OR independently - review, assess and act. May be direct or part of an automated action.
- Threshold Monitoring: Actively monitor indicators that are approaching security, service and/or compliance thresholds. Also includes recommendations on the ongoing establishment and adjustment of said thresholds.
- Playbooks/Threat Analysis: Execute analysis process as required. Assist in the general maintenance and improvement of the process and/or playbooks.
- Active Investigation/Cause Analysis (Who, What, When, Where, How): initiation and follow-through to ensure quality forensic materials are captured. Participate in Root Cause Analysis if required.
- Escalation: Maintain the escalation chain integrity and service levels.
…
Job Profile
Benefits/Perks
- Disability Insurance
- Employee wellness
- Health, dental, and vision insurance coverage
- Life and Disability insurance
- Paid holidays
- Paid Time Off
- Retirement savings plan
- Vision Insurance
Tasks
- Documentation
- Incident response
- Monitoring
- Problem solving
- Root cause analysis
Cybersecurity, Development, Documentation, Monitoring, Network security, Security, SIEM, Social media, TCP/IP, Threat Intelligence
Experience: 2-4 years