Cyber Threat Analyst

DXC Technology
Full-time
Remote
United Kingdom
Trust & Safety

Job Description:

*Candidates must be a sole UK national/British citizen and have resided in the UK for the past 5 years to meet current security clearance requirements*

The main goal of Cyber Threat Hunting is to proactively identify undetected cyber threats affecting DXC and its customers. The Cyber Threat Analyst will be responsible for providing technical support in the creation and delivery of technology solutions designed to meet both DFI’s and its customers’ business needs. Utilising a combination of both commercial platforms and Open-Source data, they will leverage intelligence to help formulate and deliver Threat Hunting and Incident Response services on behalf of DXC. Further, they will participate in the continued development of the required infrastructure to maintain these services. A strong familiarity with the principles of network and endpoint security, current threat landscape, and attack trends is required. The Cyber Threat Analyst is accountable for consistent chargeability levels (or expense relief for internal project teams) and for assisting in meeting or exceeding revenue and customer satisfaction goals.

Responsibilities:

Analyse and correlate results from various technology platforms. This entails investigating and assessing the impact of security events resulting from hits on indicators of compromise (IOCs), indicators of attack (IOAs), or behavioural patterns (TTPs: Tactics, Techniques, and Procedures) derived from bespoke queries within available technology platforms

Assist in the design, execution, and reporting of Threat Hunt exercises on behalf of both DXC and their customers

Understand a broad spectrum of DXC’s technologies to deliver part of a Cyber Defense security service, which meets both DXC’s and their customers’ requirements

Assist in the development of innovative ways to detect threats and anomalous behaviour leveraging logs and/or functionality within available technology platforms

Develop an understanding of security event analysis from a range of data sources including network traffic attributes, host-based attributes (such as memory captures, specific file artefacts, and disk images) to identify security incidents

Delivery of assigned tasks within the delivery cycle of a project or task.

Assist in other required DFI tasks such as internal Lab maintenance, installing new systems, applications, updating applications and OSs, firmware; scripting for automation using API interfaces where needed; assisting in the preparation of technical presentations and demonstrations to peers

Follow procedures to communicate, report, and escalate incidents to appropriate DXC operational management units, technical leads, and/or engineering specialists

Work with minimal direction from the Cyber Threat Hunter mentor to accomplish assigned tasks

Participate as part of a team, maintaining good relationships with team members, DXC colleagues and DXC customers

Understand the company strategy and values, and the role that the individual plays

Use the available knowledge and training tools and platforms to maintain and improve current skill level for the benefit of assigned projects, and professional development

Use and contribute appropriately to technical forums within the company environment and local professional communities and technical user groups

Able to travel to client sites when needed

Participation in an on-call rota

Knowledge and Skills:

General:

Good understanding of Windows Operating Systems

Basic understanding of Linux Operating Systems

Good communication skills and customer-centric focus - ability to communicate clearly and in a timely manner with all customers, partners and users, internal and external

Good analytical and troubleshooting skills

Organised and motivated to complete tasks

Good report writing skills

Team player. Ability to collaborate and cooperate with members of the DFI team and members of other teams

Ability to pro-actively learn new technology, processes and other skills

Able to pro-actively search for solutions from knowledge bases, support documentation and other information.

Keen interest in continual learning and professional development

Flexible, self-motivated with the ability to work under pressure in an international and culturally diverse organization

Education and Professional experience:

University Degree/Diploma in Computer Science, Digital/Cyber Security

Desirable:

Any Threat Hunting / Forensic Analysis / Incident Response certifications

Other certifications (e.g. CHFI, CISSP, CEH, CompTIA Security+, GCIH, GREM, GCFA)

Computer Forensics / Cyber Security / Ethical Hacking experience

Event and Alert analysis from platforms such as a SIEM

Log analysis – particularly Windows Event Logs, Web logs, Linux logs

Other requirements:

Fluent in written and spoken English

At DXC Technology, we believe strong connections and community are key to our success. Our work model prioritizes in-person collaboration while offering flexibility to support wellbeing, productivity, individual work styles, and life circumstances. We’re committed to fostering an inclusive environment where everyone can thrive.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.