Senior Security Analyst

About DXC Bulgaria

We are DXC – a Fortune 500 global IT services leader. In Bulgaria, we are among the largest employers with over 4,000 employees working on the company’s entire IT portfolio. We are flexible – we provide everything you need to comfortably work from home, but we also keep our offices open for collaboration, meetings, and building a strong team spirit. We tailor everyone’s development path to their individual interests through training and additional certifications.

Our experience and desire to grow, our mission, and our values ​​create an environment where ambitious people become successful at home. At home – in Bulgaria.

The Senior Security Analyst is an integral part of the Security Incident Response Process within the Intelligent Security Operations Center team. The primary function of the role will be to provide a technical escalation point during Security Incidents, establishing the extent of the threat, the business impacts and advising the most suitable course of action to contain and remedy the incident. Outside of the Incident Process the Senior Security Analyst is expected to maintain a good knowledge of the Current Threat Landscape, help enhance current techniques and identify new methods of detecting threats on our customers’ networks. They must also demonstrate the ability to communicate effectively with the other key stakeholders in the incident process.

Daily challenges:

• Perform detail analysis of events during the incident process, combining sound analytical skills with advanced knowledge of IT Security and Network Threats.
• Provide a containment strategy and remediation plan in order to resolve the security issue.
• Develop and maintain a strong relationship with the Client Security Teams.
• Perform daily follow up on all tickets that were not resolved by Security analysts
• Provide swift and accurate reactions during an ongoing security crisis situations identifying different type IoCs establishing mitigation/remediation plans.
• Follow training plans, requirements and schedules as outlined by the Technical Supervisor.
• Provide out of office hours on-call support and guidance to the junior team members.
• Full understanding of the Cyber Kill Chain methodology
• Escalation to Security support teams as needed.
• Alert tuning analysis proposal
• Alert suppression analysis proposal
•  Key deliverables/accountabilities:
• Ongoing alert analysis and investigation activities to be performed according to SLAs and defined timelines
• Daily review on all ongoing incidents

Experience and skills required:

• Degree/Diploma in Computer Science, Computer Engineering, Electrical Engineering, Management Information Systems or equivalent certifications (MCSE, MCP, HP-UX, CCNA, CCNP, SNIA, SANS).
• Minimum of 2-3 years’ experience within IT Operations, security operations, infrastructure services support (Systems NT, UX, Backups, DB’s, IT Security or Network management), operations monitoring and end user support.
• Minimum of 2-3 years’ hands-on technical knowledge of the applicable technology platform that you will be responsible for: SIEM, Network management, Security and HP Open View Products. Must be able to demonstrate troubleshooting and problem-solving skills.
• Fluent in written and verbal English
• ITIL Version 3 or above
• Security certification

Technical skills:

• Good analytical skills
• Strong interpersonal and security skills
• Good communication skills and customer centric focus – ability to communicate clearly and in a timely manner with all customers, partners and users, internal and external
• Team player. Ability to collaborate and cooperate with members of team and members of other teams
• Understanding of 24×7 mission critical enterprise computing environments and the impact of service disruption on a company’s bottom line
• Ability to pro-actively learn new technology, processes and other skills
• Able to pro-actively search for solutions from knowledge bases, support documentation and other information.
• Keen interest in continual learning and professional development
• Time management skills and ability to multi-task and prioritize assigned tasks, problems and requests in a high-pressure environment
• Flexible, self-motivated with the ability to work under pressure in an international and culturally diverse organization
• Intrusion Detection System
• Proxy Support
• Security Client Support
• Security Devices Administration
• Security Server Compliance Monitoring & Reporting
• Security Training
• Wireshark
• SIEM and XDR tools such as MS Sentinel, ArcSight, Splunk, SumoLogic, MS Defenders, CrowdStrike, Carbon Black
• Linux

What’s in it for you?

At DXC Technology, we don’t just offer jobs – we build careers. Here’s what you can look forward to when you join us:

• Enjoy competitive compensation and grow your career in a fast-paced, international environment.
• Benefit from 24 days of paid vacation to rest, explore, and recharge – plus comprehensive medical and life insurance, and monthly food vouchers to support your lifestyle.
• Access premium learning platforms, get company-sponsored certifications, and grow your skills with continuous development opportunities tailored to you.
• Get recognized through our Employee Recognition Program – your contributions deserve the spotlight.
• Refer great talent through our Employee Referral Program and get rewarded for helping shape our future.
• Enjoy discounts and special offers with your employee badge – it pays to be part of the team.
• Access 24/7 support for you and your family, with a wide range of wellbeing resources to help you thrive.
• Join meaningful initiatives that give back to the community and connect you with like-minded colleagues through fun and impactful experiences. 

We Deliver eXcellence for our Customers and colleagues every day. Our values form the foundation of everything we do and every decision we make.

If you feel comfortable with the above-mentioned requirements, please send us your CV in English. We continue with stay-at-home recruiting and video interviewing for the foreseeable future.

Please note only shortlisted candidates will be contacted.