DXC Technology

posted about 2 months ago

Full-time - Mid Level
Remote
Professional, Scientific, and Technical Services

About the position

The Tier 2 Information Security Analyst is a critical role within the cybersecurity team, responsible for the first line of security incident response in the client SIEM (Security Information and Event Management) environment. This position requires a proactive approach to monitoring client SIEM alerts in real-time, conducting thorough research on threat information, and escalating legitimate security incidents to the client. As a technical escalation resource for Tier 1 Information Security Analysts, the Tier 2 analyst plays a vital role in ensuring the integrity and security of client systems.

In this role, Tier 2 analysts provide in-depth analysis and support for incidents that have been flagged by Tier 1 staff. They coordinate security monitoring findings with the Threat Intelligence team, vendor partners, and specific points of contact to obtain a comprehensive understanding of event data and its implications for designated environments. The position involves utilizing various communication systems to provide updates on ongoing attacks and advising clients on effective technical countermeasures. Additionally, Tier 2 analysts are responsible for performing Root Cause Analysis of attacks, which may require extended investigation beyond the initial resolution of an incident to gather further information and assess the event's extent and severity.

Key monitoring functions for Tier 2 analysts include triaging alerts, actively monitoring security thresholds, executing analysis processes, and maintaining the escalation chain integrity. They are expected to engage in active investigations, ensuring that quality forensic materials are captured and participating in Root Cause Analysis when necessary.

This role is essential for maintaining the security posture of the organization and requires a blend of technical expertise, analytical skills, and effective communication.

Responsibilities

  • Monitor client SIEM alerts in real-time and respond to security incidents.
  • Research threat information and escalate legitimate security incidents to clients.
  • Provide technical escalation support for Tier 1 Information Security Analysts.
  • Conduct in-depth analysis and incident support for escalated alerts from Tier 1.
  • Coordinate security monitoring findings with the Threat Intelligence team and vendor partners.
  • Utilize communication systems to provide updates on attacks and advise clients on countermeasures.
  • Perform Root Cause Analysis of security incidents and coordinate investigations as needed.
  • Triage alerts and assess security thresholds, making recommendations for adjustments.
  • Execute analysis processes and assist in the maintenance of playbooks and threat analysis procedures.
  • Maintain the integrity of the escalation chain and service levels.

Requirements

  • 2 - 4 years of relevant experience in cybersecurity or equivalent education and work experience.
  • 1 - 2 years of Information Technology experience with network technologies, specifically TCP/IP.
  • Understanding of source code, hex, binary, and regular expressions.
  • Experience in developing and maintaining tools, procedures, and documentation.
  • Strong deductive reasoning, critical thinking, problem-solving, and prioritization skills.
  • Experience with reviewing raw log files, data correlation, and analysis (firewall, network flow, IDS, system logs).
  • Familiarity with SIEM tools, ticketing systems, and performing cyber threat analysis.

Nice-to-haves

  • Certifications in cybersecurity (e.g., CISSP, CEH, CompTIA Security+) are a plus.
  • Experience with cloud security and related technologies.
  • Knowledge of compliance frameworks (e.g., NIST, ISO 27001).

Benefits

  • Health insurance coverage
  • Dental insurance coverage
  • Vision insurance coverage
  • Employee wellness programs
  • Life insurance
  • Disability insurance
  • Retirement savings plan
  • Paid holidays
  • Paid time off