Tier 2 SOC Analyst- Cyber Threat Analysis Center
DXC Technology, Erskine, Renfrewshire
Salary not available.
- Full time
- Permanent
- Onsite working
Posted 5 days ago, 25 Mar
Closing date: not specified
job Ref: 9d2b2aa2dcfc4e879764b71414586752
Full Job Description
- This role is based onsite at DXC sites in Erskine, Newcastle, Corsham and Farnborough and covers a rotational 24x7 shift pattern.
- MUST have at least 6 months' working experience with SIEM technologies.
The Tier 2 Cyber Security Analyst is a mid-tier position within the Cyber Threat Analysis Centre (CTAC), responsible for advancing the initial work conducted by Tier 1 Analysts and providing more in-depth analysis of potential threats to the organization. This role is crucial in the escalated investigation, triage and response to cyber incidents, while supporting the development and training of Tier 1 Analysts. The Tier 2 Analyst works closely with senior and junior analysts to ensure a seamless SOC operation and acts as a bridge between foundational and advanced threat detection and response functions.
Responsibilities:
- Conduct escalated triage and analysis on security events identified by Tier 1 Analysts, determining threat severity and advising on initial response actions.
- Apply expertise in SIEM solutions utilizing Kusto Query Language (KQL), to perform log analysis, event correlation, and thorough documentation of security incidents.
- Identify and escalate critical threats to Tier 3 Analysts with detailed analysis for further action, ensuring rapid response and adherence to service level objectives (SLOs).
- Investigate potential security incidents by conducting deeper analysis on correlated events and identifying patterns or anomalies that may indicate suspicious or malicious activity.
- Use OSINT (Open-Source Intelligence) to enrich contextual data and enhance detection capabilities, contributing to a proactive stance on emerging threats.
- Monitor the threat landscape and document findings on evolving threat vectors, sharing relevant insights with CTAC teams to enhance overall situational awareness.
- Follow established incident response playbooks, providing feedback for enhancements and suggesting updates to streamline CTAC processes and improve threat response times.
- Coordinate with Tier 3 Analysts and management to refine detection and response workflows, contributing to continuous SOC maturity.
- Collaborate with Tier 3 Analysts on tuning SIEM and detection tools to reduce false positives and improve alert fidelity, submitting tuning requests and testing configurations when necessary.
- Identify gaps in current detection content and work with Senior Analysts to develop and validate new detection rules and use cases tailored to the organization's threat profile.
- Act as a mentor to Tier 1 Analysts, offering guidance on triage and analysis techniques and facilitating on-the-job training to elevate their technical skills and operational efficiency.
- Assist in training sessions and knowledge-sharing activities, providing feedback on areas for growth and contributing to a supportive learning environment within the SOC.
Knowledge and Skills
- Understands advanced networking concepts, including IP addressing, basic network protocols, and how traffic flows within a network.
- Advanced knowledge of Windows and Linux operating environments, including standard commands, file systems, and user authentication mechanisms.
- Competence in using SIEM solutions (e.g., ArcSight, Azure Sentinel) for monitoring and log analysis; some exposure to additional analysis tools such as basic XDR platforms.
- Able to demonstrate proficient knowledge using Kusto Query Language (KQL) to search and filter logs effectively.
- Familiar with open-source intelligence (OSINT) techniques to aid in identifying potential threats and gathering information.
- Able to communicate clearly and efficiently with team members and stakeholders, both internally and externally, under direction from senior analysts.
- Can communicate simple technical issues to non-technical individuals in a clear and understandable way.
- Able to create concise, structured reports that outline findings from preliminary investigations and daily monitoring activities.
- Able to manage personal workload effectively to ensure timely completion of assigned tasks within the SOC.
- Willing to collaborate with team members, accepting guidance and learning from more experienced analysts.
- Shows initiative in learning new technologies and techniques, leveraging internal resources and training to grow professionally.
- Able to function efficiently during high-pressure situations, following procedures to ensure consistent performance in incident management.
Education and Professional Experience
- University Degree/Diploma in Cyber Security or equivalent experience
- Other IT certifications or experience such as CISSP, CompTIA CySA+, GCIA, GCIH
Desirable
- IT certifications such as CASP or ITIL
- Experience in a SOC or SOC equivalent
- SC / DV clearance
Other Requirements
- Full Driving Licence
- Fluent in written and spoken English
Direct job link
https://www.s1jobs.com/job/tier-2-soc-analyst-cyber-threat-analysis-124818994