Information Security Engineer - Remote

Job Description:

Information Security Engineer - Remote

This is a remote position - the candidate can be located anywhere in Costa Rica. Work schedule is Monday – Friday, or Tuesday – Saturday, or Sunday – Thursday from 8-5pm

At DXC we use the power of technology to deliver mission critical IT services that our customers need to modernize operations and drive innovation across their entire IT estate. We provide services across the Enterprise Technology Stack for business process outsourcing, analytics and engineering, applications, security, cloud, IT outsourcing and modern workplace.

Our DXC Security services help customers assess risk and proactively address all facets of their security environment, from threat intelligence to compliance. We leverage proven methodologies, intelligent automation and industry-leading partners to tailor security solutions to our customers' unique business needs.

About this role

• The position will report to the SIRCC (Security Incident Response Control Center) Manager and operate within a 24/7 follow-the-sun environment, collaborating with team members and shift workers across various locations.
• First point of contact for all DXC internal Security Incidents;
• Responsible for logging all reported incidents, performing the initial risk assessment and triage of the incident;
• Manage/coordinate incident responses for ‘low’ priority incidents and escalate to Tier 2/3 teams when the incident is a high priority/complex incident.

What you’ll do

Receive input from various event sources, investigate it for unusual and potentially malicious behaviour that may indicate security incidents, and escalate any suspicious activity or anomalies to the Tier 2 SIRCC Analyst team;

• During security incidents, coordinate with Tier 2 SIRCC Analysts and Tier 3 Incident Coordinators to determine actions that the Tier 1 team can undertake in response to the incidents.
• Analyse and perform risk assessments on the potential impact to the business threat and vulnerability information in the public domain.  Document the risk assessment, and escalate to the Tier 2 SIRCC Analyst team for peer review and publishing.
• For low priority incidents (e.g. unsolicited bulk e-mail notifications, one-off or small numbers of known malware infections), coordinate the incident response by the various individuals and other stakeholders within the business; 
• Document the results of security investigations and incidents in the appropriate ticketing systems.
• Ensure that incident and event investigation data is correctly recorded for inclusion in regular reports.
• Receive escalations from various security SOC teams within the business, and investigate, follow up on, and escalate to Tier 2 and Tier 3 SIRCC teams as appropriate;
• Using an established process, acquire malware samples for analysis by Tier 2 and Tier 3 SIRCC teams; 
• Take ownership of documenting incidents, as part of the team's contribution to the compilation of incident reports for final peer and management review, before release to the business;
• Contributing to existing process and procedure documentation, and assisting in creating new process and procedure documentation in response to dynamically changing threats, information security landscapes, and business requirements;
• When required, mentor other Tier 1 SIRCC Operations team members.

Who you are

Technical skills:

• Experience with multiple types of enterprise-level anti-malware packages currently available;
• Experience with Operating System security, administration, and logging in an enterprise environment;
• Previous experience writing technical documentation and/or process documentation.
• Strong verbal and written English skills and the ability to communicate clearly on telephone calls, and via instant messaging;
• Proficient in Microsoft Office tools, with strong skills in MS Excel for data analysis, including creating pivot tables, graphs, and using formulas to sort and filter data. Additionally, adept at consolidating presentations in MS PowerPoint. .

Personal skills and qualities:

• The ability to learn new processes quickly in response to changes in business requirements and the Information Security landscape;
• The ability to think flexibly and “outside the box” and to communicate clearly while under pressure;
• Good organisational skills and the ability to arrange meetings, take meeting minutes.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.