Cyber Defence and Incident Response Consultant

**Why join DXC Technology?**

DXC Technology (NYSE:DXC) - where brilliant people embrace change and seize opportunities to advance their careers and amplify customer success.

At DXC we pride ourselves on delivering excellence in everything we do. What this means for you is the opportunity to be a part of delivering innovative solutions and helping to solve real business problems for a wide variety of valued clients.

As a Cyber Defence and Incident Response Consultant, you are expected to be an experienced security consultant with a breadth of knowledge in responding to and managing security incidents and breaches. You are also an individual with a deep level of technical knowledge, able to develop Security strategies for DXC clients, with in-depth knowledge and understanding of sophisticated threat actors and threats and how to deal with complex breach incidents as part of a wider incident response (e.g. ransomware breaches, remediation and security enhancement etc.). You'll have a complete knowledge of live Security incident management and handling including leading, teaming, analysis and remediation, comprehensive understanding of security improvement planning, and an ability to make in depth recommendations regarding same. Having the flexibility and dynamic working approach and ability to work 24/7 in delivery capability are crucial in this role.

**What will keep you busy**
- The ability to provide a highly skilled Computer Security Incident Response capability working with DXC teams that is able to react on a 24/7 basis to effectively manage security incidents.
- The ability to effectively identify, recover and analyse seats of relevant information and evidence.
- To be able to assess security posture of diverse technical environments and make recommendations to address gaps or make improvements.
- Identify new opportunities to improve security across the enterprise.
- Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer environments, network threats and exploits.
- The ability to carry out sensitive e-Disclosure and Computer Forensic enquiries.
- Partner with DXC Integrity on Legal and Human Resources to conduct Security and Technology forensic analysis as required. Comprehend contracts from a Security perspective, translate and articulate into lay persons terms the meaning of any responsibilities and obligations. Comprehend confidential and legal privilege to support Legal in their efforts to maintain these principles.
- Work alongside multiple teams, maintain motivation, identify and address skill gaps and support the team to deliver the best service possible.
- Establish and maintain relationships with National Authorities and Computer Emergency Response Teams.
- Establish and maintain relationships for Cyber Threat intelligence.
- Work across Cyber Defense teams, Security Incident Response Control Centre (SIRCC), Cyber Threat Intelligence, Red Team (Penetrating testing), Blue Team (Threat Hunting) and Security Tools.
- Adhere to, comprehend Security policies, evangelize and identify areas for improvement.
- Work alongside DXC Cyber Defense Remediation team, DXC Account teams and DXC clients to assess Security Maturity and provide Tactical and Strategic guidance aligned with DXC Security Cyber Reference Architecture and offerings.

**The skills you will bring**
- BSc or higher in Computer Forensics or relevant digital investigation/security incident response qualification
- 7 - 10 year technical experience within cyber security
- Has attained and hold, or is willing and able to obtain national security clearance
- 4+ years’ experience as a technical team lead with demonstrable experience managing priorities. Ideally managing and training members in different time zones
- Experienced of in-depth knowledge of threat hunting, incident handling and investigation
- Designing and participating in Tabletop Exercises with customers
- Willing to work flexible hours to meet the needs of a given incident response scenario
- Prepare reports and prepare and deliver presentations for both expert and senior audiences
- Guide, influence and provide thought leadership within incident response services
- Competent handling evidence and able to meet formal standards for handling evidence
- Well-presented professional client facing demeanour
- Network security knowledge emanating from experience in pen testing, network security, data analysis and malware analysis
- Log analysis and incident remediation
- Live forensics experience
- Ability to use and advise on complex toolsets (e.g. Network traffic analysis technology) and produce effective analytical results from same
- Understanding of relevant security, compliance and data protection requirements
- IR: Diverse knowledge e.g., O/S environments e.g., Windows, Mac, *Nix, Scripting skills, command line experience, Database skills and knowledge
- Good communication and report writing skills
- Ability to present complex scen