Candidates will have a minimum of three years’ experience in an Information Security (IS) role, or two years in an IS Incident Response role, with the relevant qualifications. Applicants should have strong familiarity with IS tools and industry best practices, including but not limited to IPS, malware behavioural analysis and/or tools, vulnerability assessment tools, system security hardening or configuration.
Preference will be given to candidates with extensive IS Incident Response experience and with cross-discipline experience in additional areas of IT, such as Network and Server Administration.
Applicants for this role must have the following skills:
• Strong verbal and written English skills, in particular the ability to communicate clearly in writing with correct spelling, grammar, sentence structure, and style.
• Experience writing formal documents and reports for a management or academic target audience.
• The ability to communicate effectively with all levels of management, up to and including executive level management.
• The ability to develop new processes quickly in response to changes in business requirements and the Information Security landscape.
• In-depth understanding of TCP, IP, and other lower level network protocols, as well as common higher level protocols such as HTTP, HTTPS, SMTP, FTP, and others. The ability to conduct in-depth analysis of network traffic and packet captures.
• Strong familiarity with network security devices, including firewalls, Intrusion Detection/Prevention Systems, proxies, switches, routers, and others. Understanding of modern network operating systems, how they communicate, and in particular familiarity with the Microsoft Windows line of Operating Systems.
• Understanding of anti-malware and advanced endpoint protection products and their enterprise environment application.
• Solid knowledge of common types of Information Security threats, such as buffer overflows, cross-site scripting, SQL injection, phishing, and other techniques used to compromise security.
• The ability to perform in-depth analysis of log files from multiple devices and environments, and identify indicators of security threats.
• Familiarity with Information Security best practices and procedures, including the investigative process.
• The ability to think flexibly outside the box, and to communicate clearly while under pressure.
• The ability to perform independent research and analysis of security threats and issues using various available resources, and to document and report on the results.
Skills that are highly desirable but not a pre-requisite for this role are:
• Bachelor’s Degree in Information Security or related discipline, or any of the following or similar related certifications: CCNA, CEH, OSCP, OPST, eCPTT, GCIH, GCIA or GSEC
• Understanding of the requirements for security audit processes/frameworks, such as SOX, SAS70, or ISO27001
• Understanding of, and experience using, Unix-style operating systems, such as Solaris, Linux, or BSD.
• Understanding of and some experience with programming languages such as Python, Perl, Java or C++
• Experience with gathering Open Source Intelligence (OSINT)
• Current or recent experience working with enterprise level anti-malware or advanced endpoint protection packages.
• Experience with Operating System security, administration, and logging in an enterprise environment.
• Previous experience with process and procedure development.
• Experience dealing with cybercrime and working in an environment that requires an investigative response when dealing with computer-based electronic evidence.
• Bachelor’s Honours project in Information Security.
• On-call duties for escalation of Security Incidents
• Responsible for peer review, final approval, and delivery of significant incident reports (e.g. Root Cause Analyses), management briefings, and incident updates
• Take the lead in management and technical update meetings during significant incidents, delegate tasks to the SIRCC level 1 and 2 team members, to other security teams, and to other business units.
• Define the meeting timeframes and scheduling for all update briefings.
• Document action items carried out by the Incident Coordination team
• If required, task the SIRCC level 1 and 2 teams to complete additional incident related actions outside of meetings
• Liaise with level 1 and 2 SIRCC Analysts to ensure that SIRCC action items are being actioned correctly, and provide guidance where necessary to facilitate the completion of such tasks
• Peer review and release of management alert notifications.
• Use intelligence sources to proactively investigate the environment for threats and real or potential security breaches
• During incidents, lead reactive intelligence analysis, and once a basic methodology is established, hand over ongoing tasks to the SIRCC Level 2 team for continued analysis.
• Peer review results of the SIRCC Level 2 team analysis of intelligence (e.g. correlation of logs from multiple tools)
• Liaise with other Incident Coordinators to allocate daily and longer term tasks between different coordinators
• Own security tools used by SIRCC and contribute to their strategic development
• Ongoing mentoring of level 1 and level 2 SIRCC staff
• Implementation and management of minor SIRCC projects, and development and documentation of initial draft of project-related processes
• Liaise with SIRCC Manager to completely develop and implement new processes as required
• Work with the SIRCC Manager to develop acceptance criteria, SLAs, processes, and procedures as required for new tasks and processes being assigned to the SIRCC team by management
DXC is the world’s leading independent, end-to-end IT services company, helping clients harness the power of innovation to thrive on change. Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology is a $25 billion company with a 60-year legacy of delivering results for thousands of clients in more than 70 countries. Our technology independence, global talent and extensive partner network combine to deliver powerful next-generation IT services and solutions.
In a time of change, thrive with DXC Technology.