Security Information Response Control Center Incident Coordinator

DXC Technology

17h

About The Position

Paving the way in Digital Transformation DXC Technology is a Fortune 500 Global IT Services Leader. Our more than 130,000 people in 70-plus countries are entrusted by our customers to deliver what matters most. We use the power of technology to deliver mission-critical IT services that transform global businesses. We deliver excellence for our customers, colleagues, and communities around the world. Accelerate your career and reimagine the possibilities with DXC! We inspire and take care of our people. Work in a culture that encourages innovation and where brilliant people embrace change and seize opportunities to advance their careers and amplify customer success. Leverage technology skills and deep industry knowledge to help clients. Work on transformation programs that modernize operations and drive innovation across our customer’s entire IT estate using the latest technologies in cloud, applications, security, IT Outsourcing, business process outsourcing and modern workplace. DXC Philippines is an award-winning Employer of Choice and a recipient of the Global Best Employer Brand and Linkedin’s Top 15 Companies in the Philippines. Let’s further stimulate your growth and start your journey of thrive:

Requirements

In-depth understanding of TCP, IP, and other lower level network protocols, as well as common higher-level protocols such as HTTP, HTTPS, SMTP, POP3, FTP, and so on, and the ability to analyze captures of network traffic.
Familiarity with network security devices, including firewalls, Intrusion Prevention Systems, Intrusion Detection Systems, and so on.
Understanding of modern network operating systems, how they communicate, and familiarity with the Microsoft Windows line of Operating Systems.
Strong understanding of the malware products available on the market, how anti-malware software works, and how it is used in an Enterprise environment.
Basic knowledge about common types of Information Security threats, such as buffer overflows, cross site scripting, SQL injection, phishing, and other techniques used to compromise security.
Experience with gathering Open Source Intelligence (OSINT)
The ability to perform in-depth analysis of log files from multiple different devices and environments and identify indicators of security threats.
Familiarity with Information Security practices and procedures, including investigative processes, and requirements for security audits such as SOX, SAS70, or ISO27001, NIST MITRE frameworks.
The ability to perform independent research and analysis of security threats and issues using various available resources, and to document and report on the results.
Basic programming or scripting skills.
Familiarity with SIEM, EDR platforms, and network forensics.

Responsibilities

Serving as the subject matter expert in cyber security incident handling for the team.
Ensuring that security incidents are prioritized correctly and handled in a manner reflecting their priority.
Ensuring tasks necessary to the verification, mitigation, remediation and reporting of security incidents are assigned to SIRCC analysts and progressing in a satisfactory manner.
Ensuring higher priority incidents are continuing to progress as regions go offline and come on line in the follow-the-sun model in coordination with other regional incident coordinators.
Ensuring the handoff of incident response activity from the regional shift before and after the region of responsibility.
Ensuring the appropriate incident escalations and reporting are taking place in accordance with established policy and process guidance.
On-call duties for escalation of Security Incidents
Responsible for peer review, final approval, and delivery of significant incident reports (e.g. Root Cause Analyses), management briefings, and incident updates