The main goal of a Senior Analyst within the CTAC is to proactively identify cyber threats affecting DXC and its customers. The Senior Analyst will be responsible for providing technical support to the Tier 1 and Tier 2 analysts.
They will have experience in working closely with junior analysts, management and customers. They will be able to assist in the creation and delivery of multiple technology solutions designed to support each customer's needs and requirements.
They will be using both industry standard technology, OSINT and previous experience to help foster an environment of trust and respect between the SOC and its customers. Further, they will participate in the continued development of the required infrastructure to maintain these services.
A strong familiarity with the principles of network and endpoint security, current threat landscape, and attack trends is required. The Senior Analyst is accountable for consistent results and ensuring that all events that are fed into the SOC tooling are investigated, triaged, communicated and rectified within tight time constraints.
Responsibilities:
Analyse and correlate results from various technology platforms. This entails investigating and assessing the impact of security events resulting from hits on indicators of compromise (IOCs), indicators of attack (IOA), or behavioural patterns (TTPs - Tactics, Techniques, and Procedures) derived from bespoke queries within available technology platforms
Understand a broad spectrum of DXC's technologies to deliver part of a Cyber Defence security service which meets both DXC's and its customers' requirements
Assist in the development of innovative ways to detect threats and anomalous behaviour leveraging logs and/or functionality within available technology platforms
Develop an understanding of security event analysis from a range of data sources including network traffic attributes, host and network-based attributes (to identify security incidents)
Delivery of assigned tasks within the delivery cycle as determined by customer or management.
Drive and participate in proactive hunting campaigns to proactively identify potential security gaps and emerging threats across customer environments
Lead technical deep-dive investigations of complex security incidents and create comprehensive post-incident analysis reports with actionable recommendations
Follow procedures to communicate, report, and escalate incidents to appropriate DXC operational management units, technical leads, and/or engineering specialists
Participate as part of a team, maintaining good relationships with team members, DXC colleagues and DXC customers
Understand the company strategy and values, and the role that the individual plays
Tier 3 Analyst Roles and Responsibilities - DXC Public
Use the available knowledge and training tools and platforms to maintain and improve current skill level for the benefit of assigned projects, and professional development
Make use of experience and tools to mentor more junior analysts to enhance individual growth for the CTAC
Use and contribute appropriately to technical forums within the company environment and local professional communities and technical user groups
Able to travel to DXC sites as per contract
Participation in an on-call rota
Knowledge and Skills:
Excellent knowledge of basic Networking and how traffic crosses a network
Strong knowledge of Windows and Linux environments
Strong knowledge of analysis tools such as SIEM / XDR / Wireshark along with OSINT
Working knowledge of query languages (e.g., KQL, SQL) for security log analysis and threat detection
Good communication skills and customer centric focus - ability to communicate clearly and in a timely manner with all customers, partners and users, internal and external
Able to explain technical problems to non-technical people
Able to compile and understand technical and non-technical reports
Organise both themselves and others
Must be a team player, willing to accept that people junior to them may know more about a subject than they do
Able to learn new technologies with minimum oversight and able to pass that knowledge on
Flexible and self-sufficient. Able to function when under pressure
Education and Professional Experience:
University Degree/Diploma in Cyber Security or equivalent experience
Desirable:
Any SIEM / XDR / SOAR training or certification
Other IT certifications or experience such as CISSP, CompTIA CySA+, GCIA, GCIH
At least 4 years' experience in a SOC or SOC equivalent
SC / DV clearance
Other Requirements:
Be willing to undertake SC and / or DV clearance with multiple agencies
Full Driving Licence
Fluent in written and spoken English