Job description

Information Security Engineer - Remote Information Security Engineer - RemoteApply locations CRI - SJ - SAN JOSE Time type: Full time Posted on: Posted 2 Days Ago Job requisition id: 51523623 Job Description: This is a remote position - the candidate can be located anywhere in Costa Rica. Work schedule is Monday – Friday, or Tuesday – Saturday, or Sunday – Thursday from 8-5pm. At DXC we use the power of technology to deliver mission-critical IT services that our customers need to modernize operations and drive innovation across their entire IT estate. We provide services across the Enterprise Technology Stack for business process outsourcing, analytics and engineering, applications, security, cloud, IT outsourcing, and modern workplace. Our DXC Security services help customers assess risk and proactively address all facets of their security environment, from threat intelligence to compliance. We leverage proven methodologies, intelligent automation, and industry-leading partners to tailor security solutions to our customers' unique business needs. About this roleThe position will report to the SIRCC (Security Incident Response Control Center) Manager and operate within a 24/7 follow-the-sun environment, collaborating with team members and shift workers across various locations. First point of contact for all DXC internal Security Incidents. Responsible for logging all reported incidents, performing the initial risk assessment and triage of the incident. Manage/coordinate incident responses for ‘low’ priority incidents and escalate to Tier 2/3 teams when the incident is a high priority/complex incident. What you’ll doReceive input from various event sources, investigate it for unusual and potentially malicious behaviour that may indicate security incidents, and escalate any suspicious activity or anomalies to the Tier 2 SIRCC Analyst team. During security incidents, coordinate with Tier 2 SIRCC Analysts and Tier 3 Incident Coordinators to determine actions that the Tier 1 team can undertake in response to the incidents. Analyse and perform risk assessments on the potential impact to the business threat and vulnerability information in the public domain. Document the risk assessment, and escalate to the Tier 2 SIRCC Analyst team for peer review and publishing. For low priority incidents (e.g. unsolicited bulk e-mail notifications, one-off or small numbers of known malware infections), coordinate the incident response by the various individuals and other stakeholders within the business. Document the results of security investigations and incidents in the appropriate ticketing systems. Ensure that incident and event investigation data is correctly recorded for inclusion in regular reports. Receive escalations from various security SOC teams within the business, and investigate, follow up on, and escalate to Tier 2 and Tier 3 SIRCC teams as appropriate. Using an established process, acquire malware samples for analysis by Tier 2 and Tier 3 SIRCC teams. Take ownership of documenting incidents, as part of the team's contribution to the compilation of incident reports for final peer and management review, before release to the business. Contributing to existing process and procedure documentation, and assisting in creating new process and procedure documentation in response to dynamically changing threats, information security landscapes, and business requirements. When required, mentor other Tier 1 SIRCC Operations team members. Who you areTechnical skills: Experience with multiple types of enterprise-level anti-malware packages currently available. Experience with Operating System security, administration, and logging in an enterprise environment. Previous experience writing technical documentation and/or process documentation. Strong verbal and written English skills and the ability to communicate clearly on telephone calls, and via instant messaging. Proficient in Microsoft Office tools , with strong skills in MS Excel for data analysis, including creating pivot tables, graphs, and using formulas to sort and filter data. Additionally, adept at consolidating presentations in MS PowerPoint. Personal skills and qualities: The ability to learn new processes quickly in response to changes in business requirements and the Information Security landscape. The ability to think flexibly and “outside the box” and to communicate clearly while under pressure. Good organisational skills and the ability to arrange meetings, take meeting minutes. Recruitment Fraud WarningRecruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available. About UsDXC Technology (NYSE: DXC) helps global companies run their mission-critical systems and operations while modernizing IT, optimizing data architectures, and ensuring security and scalability across public, private and hybrid clouds. The world's largest companies and public sector organizations trust DXC to deploy services to drive new levels of performance, competitiveness, and customer experience across their IT estates. Learn more about how we deliver excellence for our customers and colleagues at DXC.com.#J-18808-Ljbffr

Requirements