Security Incident Handler

AUS NSW DXC Macquarie Park-26 Talavera Road, Macquarie Park (CSC Location)

DXC Technology

DXC Technology helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds.


Job Description:

DXC Technology (NYSE:DXC) - where brilliant people embrace change and seize opportunities to advance their careers and amplify customer success.

People are the heart of our business. We support each other and work as a team, globally and locally to deliver excellence for our customers and colleagues. We live in more than 70 countries, speak multiple languages and work with over 6,000 customers on almost every continent. We use the power of technology to deliver technology services that move the world. DXC.com

At DXC we pride ourselves on delivering excellence in everything we do. What this means for you is the opportunity to be a part of delivering innovative solutions and helping to solve real business problems for a wide variety of valued clients.

What you will be doing

As part of this role, the Security Incident Handler will be required to undertake reviews of alerts received into the SIEM platform or from other security tools or sources. This will involve investigating alerts escalated by Tier 1 and Tier 2 staff that require more detailed investigation before an incident is declared or escalated outside the Security Monitoring team.

This role will require participation in on-call duties, with out-of-hours work required, including weekends, subject to appropriate compensation.

Only candidates able to gain or currently holding a current Australian Federal Government Security Clearance at Baseline will be considered for this role. Australian Citizenship is mandatory.

Responsibilities:

  • Perform detailed investigations into security alerts escalated from the Security Monitoring team

  • Conduct thorough analysis of escalated security incidents, including threat extent, timeline analysis, and potential business impact

  • Advise clients on containment, eradication, and recovery strategies for security incidents

  • Write post-incident review reports for high-priority incidents

  • Update tickets to adhere to documented standards, ensuring clean handovers

  • Monitor components of the Security Monitoring service for operational issues and escalate as required

  • Investigate and respond to frequently occurring or common security alerts

  • Develop use cases for detecting security incidents, adhering to the MITRE ATT&CK Framework

  • Conduct fine-tuning activities with clients and implement improvements

  • Conduct tabletop exercises with clients on incident response

  • Develop processes, procedures, and runbooks for security alerts

Skills & Qualifications:

  • 3+ years’ experience as a Security Analyst or working in a Cyber Security Operations Centre

  • 3+ years’ experience working with standard operating systems (Windows, Unix)

  • Hands-on experience with one or more SIEM systems (ArcSight, Splunk, Sentinel, SumoLogic)

  • Hands-on experience with EDR / XDR products such as MS Defender, CrowdStrike, SentinelOne, etc.

  • Demonstrated security knowledge of Windows/Linux/Unix platforms and networking protocols

  • Strong understanding of TCP/IP and networking concepts (OSI Model)

  • Experience assisting the development and maintenance of tools, procedures, and documentation

  • Experience with reviewing raw log files, data correlation, and analysis (e.g. firewall, network flow, IDS, system logs)

  • Experience qualifying and documenting indicators of compromise (IOCs)

  • Solid and demonstrable comprehension of Information Security including malware, emerging threats, attacks, and vulnerability management

  • Demonstrated understanding of the MITRE ATT&CK framework

  • Knowledge of IT security controls (Network IPS, Vulnerability Scanning, Endpoint Protection, Firewalls, Cloud Access Security Brokers)

  • Diploma/Certificate/Degree in Information Technology (Security preferred)

  • Relevant industry certifications such as CEH, GCIH, Security+, Network+, MCSP, CCNA

  • Cloud services (Amazon Web Services, Azure, Google Cloud) (Desirable)

  • Forensic experience with computer systems (Desirable)

Our culture & benefits

DXC is committed to building better futures for our customers, colleagues, environment, and communities. We take care of each other and foster a culture of inclusion, belonging and corporate citizenship. We put this into action by developing and implementing societal initiatives within our Social Impact Practice. #WeAreDXC

As an employer of choice, our “people first” philosophy means we offer competitive remuneration, benefits, training and career opportunities that reflect our commitment to improving the lives of our employees, and the communities in which we live and work.

How to apply & our commitment to you in return

If you would like to be part of a culture that drives innovation, delivers results, rewards performance and encourages ideas, then please press the "Apply Now" button to submit your resume.

In return, we agree to ensure a hiring process that is enjoyable, thorough, and fair. We strive to provide an environment that lets you thrive and show off the very best version of yourself, while learning about us at the same time.

Interviews and onboarding are conducted online, as part of us being a virtual-first company.

We are an Equal Opportunity Employer

DXC is proud to be an equal opportunity employer and we welcome submissions from people from all walks of life. We celebrate our diversity and recognise it is the unique contributions of our people that give us our edge.

Accommodation of special needs for qualified candidates may be considered within the framework of the DXC Accommodation Policy. In addition, DXC Technology is committed to working with and providing reasonable accommodation to support qualified individuals with physical and mental disabilities.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of an illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.


Tags: ArcSight Azure CEH Clearance Cloud CrowdStrike CSOC EDR Firewalls GCIH GCP IDS Incident response IPS Linux Log files Malware MITRE ATT&CK Monitoring Security Clearance Sentinel SIEM Splunk TCP/IP UNIX Vulnerability management Windows XDR

Perks/benefits: Career development Competitive pay Team events
