Posted Yesterday
Security Incident Handler
at CSC
Sofia, Sofiya, Bulgaria
On-site
Responsibilities
- Perform daily follow-up on all tickets that were not resolved by Security Incident Analysts and daily quality checks on all tickets and incidents worked on by Security Incident Analysts.
Requirements
- Outside of the Incident Process the Security Incident Handler is expected to maintain a good knowledge of the Current Threat Landscape, help enhance current techniques and identify new methods of detecting threats on our customers' networks.
- They must also demonstrate the ability to communicate effectively with the other key stakeholders in the incident process.
- Daily challenges: Perform detailed analysis of events during the incident process, combining sound analytical skills with advanced knowledge of IT Security and Network Threats.
- Full understanding of MITRE framework and the Cyber Kill Chain methodology.
- Escalation to Security support teams as needed, along with alert tuning analysis proposals and suppression analysis proposals.
- Experience and skills required: Degree/Diploma in Computer Science, Computer Engineering, Cyber Defense, Computer Forensics, Management Information Systems or equivalent information security industry recognized certifications (ISC2, ISACA, CCNA, CCNP, SNIA, SANS, CompTIA, MCP, MCSE).
- Experience within IT Operations, security operations, infrastructure services support (Systems NT, UX, Backups, DBs, IT Security or Network management), operations monitoring and end user support.
- Minimum of 2-3 years’ hands-on technical knowledge of the applicable technology platform that you will be responsible for: SIEM, Network management, Security and ServiceNow.
- Must be able to demonstrate troubleshooting and problem-solving skills.
- Understanding of Information Security standards and controls (ISO27001, NIS2, GDPR).
- ITIL Version 4 or above, Security certification, Intrusion Detection System, Proxy Support, Security Client Support, Security Devices Administration, Security Server Compliance Monitoring & Reporting, Security Training, Wireshark, Linux, SIEM and XDR tools such as MS Sentinel, ArcSight, Splunk, SumoLogic, MS Defenders, CrowdStrike, Carbon Black, 7AI.
- If you feel comfortable with the above-mentioned requirements, please send us your CV in English.
Benefits
- Here’s what you can look forward to when you join us: Enjoy competitive compensation and grow your career in a fast-paced, international environment.
- Benefit from 24 days of paid vacation to rest, explore, and recharge - plus comprehensive medical and life insurance, and monthly food vouchers to support your lifestyle.
- Enjoy discounts and special offers with your employee badge - it pays to be part of the team.
Additional details
- Job Description: About DXC Bulgaria: We are DXC – a Fortune 500 global IT services leader.
- In Bulgaria, we are among the largest IT employers, delivering the full spectrum of the company’s diverse technical portfolio.
- Our teams work across cutting-edge technologies, contributing to projects that span industries and geographies.
- We foster continuous learning and professional growth, offering access to targeted training and certifications aligned with individual interests and career aspirations.
- Our culture of collaboration, innovation, and shared values empowers professionals to grow and succeed.
- About the role: The Security Incident Handler is an integral part of the Security Incident Response Process within the Security Operations Center team.
- The primary function of the role will be to provide a technical escalation point during Security Incidents, establishing the extent of the threat, the business impacts and advising the most suitable course of action to contain and remedy the incident.
- Participate in the creation, modification and update of security incident management processes.
- Provide swift and accurate reactions during ongoing security crisis situations, identifying different types of IoCs and establishing mitigation/remediation plans.
- Provide out-of-office hours, on-call support and guidance to the junior team members.