DXC Technology
posted about 2 months ago
The Tier 2 Information Security Analyst is a critical role within the cybersecurity team, responsible for the first line of security incident response in the client SIEM (Security Information and Event Management) environment. This position requires a proactive approach to monitoring client SIEM alerts in real-time, conducting thorough research on threat information, and escalating legitimate security incidents to the client. As a technical escalation resource for Tier I Information Security Analysts, the Tier 2 analyst plays a vital role in ensuring the integrity and security of client systems. In this role, Tier 2 analysts provide in-depth analysis and support for incidents that have been flagged by Tier 1 staff. They coordinate security monitoring findings with the Threat Intelligence team, vendor partners, and specific points of contact to obtain a comprehensive understanding of event data and its implications for designated environments. The position involves utilizing various communication systems to provide updates on ongoing attacks and advising clients on effective technical countermeasures. Additionally, Tier 2 analysts are responsible for performing Root Cause Analysis of attacks, which may require extended investigation beyond the initial resolution of an incident to gather further information and assess the event's extent and severity. Key monitoring functions for Tier 2 analysts include triaging alerts, actively monitoring security thresholds, executing analysis processes, and maintaining the escalation chain integrity. They are expected to engage in active investigations, ensuring that quality forensic materials are captured and participating in Root Cause Analysis when necessary. This role is essential for maintaining the security posture of the organization and requires a blend of technical expertise, analytical skills, and effective communication.