Senior Tier 3 SOC Analyst- Cyber Threat Analysis Center

The main goal of a Senior Analyst within the CTAC is to proactively identify cyber threats affecting DXC and its customers. The Senior Analyst will be responsible for providing technical support to the Tier 1 and Tier 2 analysts.

They will have experience in working closely with junior analysts, management and customers. They will be able to assist in the creation and delivery of multiple technology solutions designed to support each customers needs and requirements.

They will be using both industry standard technology, OSINT and previous experience to help foster an environment of trust and respect between the SOC and its customers. Further, they will participate in the continued development of the required infrastructure to maintain these services.

A strong familiarity with the principles of network and endpoint security, current threat landscape, and attack trends is required. The Senior Analyst is accountable for consistent results and ensuring that all events that are fed into the SOC tooling are investigated, triaged, communicated and rectified within tight time constraints.

Responsibilities:

Analyse and correlate results from various technology platforms. This entails investigating and assessing the impact of security events resulting from hits on indicators of compromise (IOCs), indicators of attack (IOA), or behavioural patterns (TTPs - Tactics, Techniques, and Procedures) derived from bespoke queries within available technology platforms

Understand a broad spectrum of the DXCs technologies to deliver part of a Cyber Defence security service, which meets both DXCs and their customers requirements

Assist in the development of innovative ways to detect threats and anomalous behaviour leveraging logs and/or functionality within available technology platforms

Develop an understanding of security event analysis from a range of data sources including network traffic attributes, host and network-based attributes (to identify security incidents)

Delivery of assigned tasks within the delivery cycle as determined by customer or management.

Drive and participate in proactive hunting campaigns to proactively identify potential security gaps and emerging threats across customer environments

Lead technical deep-dive investigations of complex security incidents and create comprehensive post-incident analysis reports with actionable recommendations

Follow procedures to communicate, report, and escalate incidents to appropriate DXC operational management units, technical leads, and/or engineering specialists

Participate as part of a team, maintaining good relationships with team members, DXC colleagues and DXC customers

Understand the company strategy and values, and the role that the individual plays Tier 3 Analyst Roles and Responsiblilties DXC Public 2

Use the available knowledge and training tools and platforms to maintain and improve current skill level for the benefit of assigned projects, and professional development

Make use of experience and tools to mentor more junior analysts to enhance individual growth for the CTAC

Use and contribute appropriately to technical forums within the company environment and local professional communities and technical user groups

Able to travel to DXC sites as per contract

Participation in an on-call rota Knowledge and Skills

Excellent knowledge of basic Networking and how traffic crosses a network

Strong knowledge of Windows and Linux environments

Strong knowledge of analysis tools such as SIEM / XDR / Wireshark along with OSINT

Working knowledge of query languages (e.g., KQL, SQL) for security log analysis and threat detection

Good communication skills and customer centric focus - ability to communicate clearly and in a timely manner with all customers, partners and users, internal and external

Able to explain technical problems to non-technical people

Able to compile and understand technical and non-technical reports

Organise both themselves and others

Must be a Team Player and be willing to understand that people junior to you may know more about a subject than them

Able to learn new technologies with minimum oversight and able to pass that knowledge on

Flexible and self sufficient. Able to function when under pressure Education and Professional Experience

University Degree/Diploma in Cyber Security or Equivalent experience Desirable

Any SIEM / XDR / SOAR training or certification Other IT certifications or experience such as CISSP, COMPTIA CySA+, GCIA, GCIH

At least 4 years experience in a SOC or SOC equivalent

SC / DV clearance Other Requirement

Be willing to undertake SC and / or DV clearance with multiple agencies

Full Driving Licence Tier 3 Analyst Roles and Responsibilities

Fluent in written and spoken English