Security Operations Center Analyst


You will be working on all phases of the configuration, detection, investigation and resolution of IT security events flagged by the various detection systems in use on our internal and client sites. You will also work closely with other members of the InfoSec team to run investigations into the root cause of security events, escalating to the Technical Security, vulnerability and problem-management teams where necessary.
You will work with various internal and external stakeholders to make sure that the security posture is always being strengthened as we work to continually improve our security configurations, practices and processes.

Ancillary activities that you would be involved in may include providing security-related assistance to internal staff members, running and interpreting the results of vulnerability scans for Technical teams, and applying commonly used information security standards with respect to the systems being used in the SOC (e.g. ISO 27001, SOC2, SANS20).

Benefits:
* AlienVault MSSP Private Starter training
* AlienVault USM Advanced Deployment Training

Qualifications:

  • A passion for real-world Information Security. You live and breathe IT security – you want to be the best. Without this you simply won’t fit in.
  • Demonstrable experience of working in a high-performance SOC team in a multinational or cyber-security focused organization.
  • 2-5 years of advanced IT security-related experience.
  • Demonstrable experience with an enterprise-grade SIEM platform, preferably AlienVault.
  • Experience in high-volume global environments that handle millions of records per day.
  • Experience in security event analysis and triage, incident handling and root-cause identification.
  • Speciality in one or more of the following Information Security domains: Cyber Intelligence Analysis, Threat Monitoring, Incident Response, Malware Analysis, Computer Forensics, Endpoint Protection, Network Security, Infrastructure Security, Application Security, Platform Security, Identity & Access Management, Security Education & Awareness, Vulnerability Scanning & Management, and Compliance & Risk Management.
  • Experience with Red/Blue team engagements.
  • Excellent team-working skills and a “can do, let’s get it done” attitude are crucial.
  • A desire to keep learning, extending your skills and pushing the boundaries of your knowledge.
Desirable:
  • Elasticsearch, Logstash and Kibana (ELK) experience; Bro and Fluentd experience.
  • Ability to write and understand complex regular expressions (PCRE).
  • Event detection tools (e.g. Palo Alto, Fortinet, Kaspersky SC).
  • IDS/IPS (e.g. Snort, Suricata).

Any security-related certifications are a bonus, for example CISSP, GCIH, CEH or OSCP, as are excellent references.

DXC Technology is an Equal Opportunity/Affirmative Action employer. All qualified candidates will receive consideration for employment without regard to disability, protected veteran status, race, color, religious creed, national origin, citizenship, marital status, sex, sexual orientation/gender identity, age (40 or over), or genetic information. DXC’s commitment to diversity and inclusive selection practices includes ensuring qualified long-term unemployed job seekers receive equal consideration for employment.

Source: https://jobs.dxc.technology/job/new-york/security-operations-center-analyst/16055/4358952?apstr=src%3DJB-11100