Beschreibung
Permanent Role• Provide leadership with Commercial Clients, handling Threat Hunt service requests, queries and issues. Responsible for ensuring specific client satisfaction and for delivering the regular client Threat Hunt reports and presentations
• Lead a subset of team members in specific Client Threat Hunt exercises, managing workload distribution and organisation of all aspects of the delivery of the Threat Hunt service for the assigned client
• Be a thought-leader in terms of development of Threat Hunt hypothesis and methodologies, along with service delivery improvement
• Lead major Incident Investigations, tracking and coordinating the actions of team members
• Report accordingly on status of client Threat Hunts to operational management
• Analyse and correlate results from various technology platforms. This entails investigating and assessing the impact of security events resulting from hits on indicators of compromise (IOCs), indicators of attack (IOA), or behavioural patterns (TTP’s - Tactics, Techniques, and Procedures) derived from bespoke queries within available technology platforms
• Participate where required in the design, execution, and reporting of Threat Hunt exercises on behalf of both DXC and their customers
• Understand DXC’s technologies to deliver part of a Cyber Defense security service, which meets both DXC’s and their customers’ requirements.
• Able to travel to client sites when needed
• Participation in an on-call rota
Knowledge and Skills:
General:
• Deep understanding of Windows Operating Systems and Linux Operating Systems
• Deep understanding of the principles of Threat Hunting and Incident Response
• Excellent communication skills and customer centric focus - ability to communicate clearly and in a timely manner with all customers, partners and users, internal and external
• Excellent analytical and troubleshooting skills and excellent report writing skills
• Understanding of 24x7 mission critical enterprise computing environments and the impact of service disruption on a company’s bottom line
• Able to pro-actively search for solutions from knowledge bases, support documentation and other information.
• Flexible, self-motivated with the ability to work under pressure in an international and culturally diverse organization.
Education and Professional experience:
Required:
• University Degree/Diploma in Computer Science, Digital/Cyber Security
• Event and Alert analysis from platforms such as a SIEM
• Log analysis – particularly Windows Event Logs, Web logs, Linux logs
• 2yr+ Endpoint Detection and Response (EDR) experience
• 5yr+ industry experience
Desirable:
• Any Threat Hunting / Forensic Analysis / Incident Response certifications
• Other certifications (e.g. CHFI, CISSP, CEH, CompTIA Security +, GCIH, GREM, GCFA)
• Computer Forensics / Cyber Security / Ethical Hacking experience
• Malware Analysis, Reverse Engineering
• Penetration Testing
Other requirements:
• Fluent in written and spoken German and English