Incident Response Consultant (Forensic)

Why join DXC Technology?

DXC Technology (NYSE:DXC) - where brilliant people embrace change and seize opportunities to advance their careers and amplify customer success.

People are the heart of our business. We support each other and work as a team, globally and locally to deliver excellence for our customers and colleagues. We live in more than 70 countries, speak multiple languages and work with over 6,000 customers on almost every continent. We use the power of technology to deliver technology services that move the world. DXC.com

At DXC we pride ourselves on delivering excellence in everything we do. What this means for you is the opportunity to be a part of delivering innovative solutions and helping to solve real business problems for a wide variety of valued clients.

As a Cyber Defence and Incident Response Consultant, you are expected to be an experienced security consultant with a breadth of knowledge in responding to and managing security incidents and breaches. You are also an individual with a deep level of technical knowledge, able to develop Security strategies for DXC clients, with in-depth knowledge and understanding of sophisticated threat actors and threats and how to deal with complex breach incidents as part of a wider Incident Response (e.g. ransomware breaches, remediation and security enhancement etc.). You'll have a complete knowledge of live Security incident management and handling including leading, teaming, analysis and remediation, comprehensive understanding of security improvement planning, and an ability to make in depth recommendations regarding same. Having the flexibility and ability to respond and be mobilised outside of working hours in the event of a major Security incident are crucial in this role.

What will keep you busy

• The ability to provide a highly skilled Computer Security Incident Response capability working with DXC teams that is able to react on a 24/7 basis to effectively manage security incidents.
• The ability to effectively identify, recover and analyse seats of relevant information and evidence.
• To be able to assess security posture of diverse technical environments and make recommendations to address gaps or make improvements.
• Identify new opportunities to improve security across the enterprise.
• Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer environments, network threats and exploits.
• The ability to carry out sensitive e-Disclosure and Computer Forensic enquiries.
• Partner with DXC Integrity on Legal and Human Resources to conduct Security and Technology forensic analysis as required. Comprehend contracts from a Security perspective, translate and articulate into lay persons terms the meaning of any responsibilities and obligations. Comprehend confidential and legal privilege to support Legal in their efforts to maintain these principles.
• Work alongside multiple teams, maintain motivation, identify and address skill gaps and support the team to deliver the best service possible.
• Establish and maintain relationships with National Authorities and Computer Emergency Response Teams.
• Establish and maintain relationships for Cyber Threat intelligence.
• Work across Cyber Defense teams, Security Incident Response Control Centre (SIRCC), Cyber Threat Intelligence, Red Team (Penetrating testing), Blue Team (Threat Hunting) and Security Tools.
• Adhere to, comprehend Security policies, evangelize and identify areas for improvement.
• Work alongside DXC Cyber Defense Remediation team, DXC Account teams and DXC clients to assess Security Maturity and provide Tactical and Strategic guidance aligned with DXC Security Cyber Reference Architecture and offerings.

The skills you will bring

• BSc or higher in Computer Forensics or relevant digital investigation/security Incident Response qualification
• 7 – 10 year technical experience within cyber security
• Has attained and hold, or is willing and able to obtain national security clearance
• 4+ years’ experience as a technical team lead with demonstrable experience managing priorities. Ideally managing and training members in different time zones
• Experienced of in-depth knowledge of threat hunting, incident handling and investigation
• Designing and participating in Tabletop Exercises with customers
• Willing to work flexible hours to meet the needs of a given Incident Response scenario
• Prepare reports and prepare and deliver presentations for both expert and senior audiences
• Guide, influence and provide thought leadership within Incident Response services
• Competent handling evidence and able to meet formal standards for handling evidence
• Well-presented professional client facing demeanour
• Network security knowledge emanating from experience in pen testing, network security, data analysis and malware analysis
• Log analysis and incident remediation
• Live forensics experience
• Ability to use and advise on complex toolsets (e.g. Network traffic analysis technology) and produce effective analytical results from same
• Understanding of relevant security, compliance and data protection requirements
• IR: Diverse knowledge e.g., O/S environments e.g., Windows, Mac, *Nix, Scripting skills, command line experience, Database skills and knowledge
• Good communication and report writing skills
• Ability to present complex scenarios and outcomes at CIO/CISO or senior level business or government audience

Desirable skills:

• Able to articulate Cyber Defense concepts and develop Security strategy towards mature Cyber Defense capabilities
• In depth understanding of Australian regulatory requirements and cyber security standards in addition to globally recognized information security standards and regulatory regimes
• Able to proactively hunt for adversaries using a variety of tools and techniques
• Understand how advanced, real world attack footprints look like and how to identify tools techniques and procedures within log data
• Experience and knowledge of threat intelligence techniques, honeypots and 3rd party threat feeds
• Knowledge of current threat groups, their trade craft, and analysis techniques
• Practitioner with Incident Response toolsets and investigation techniques
• Host centric analysis utilising a variety of tools
• Network centric analysis utilising a variety of tools
• Experience working in a commercial managed services environment
• Experience leading complex Incident Response investigations

Your working environment

In alignment with our commitment to fostering a flexible and dynamic work environment, we have adopted a hybrid working approach that acknowledges the importance of in-person collaboration while recognising that the determination of your work location will be based on a range of factors to ensure both individual preferences and operational requirements are met."

Our culture and benefits

DXC is committed to building better futures for our customers, colleagues, environment, and communities. We take care of each other and foster a culture of inclusion, belonging and corporate citizenship. We put this to action developing and implementing societal initiatives within our Social Impact Practice. #WeAreDXC

As an employer of choice, our “people first” philosophy means we offer competitive remuneration, benefits, training and career opportunities that reflect our commitment to improving the lives of our employees, and the communities in which we live and work.

How to apply & our commitment to you in return

If you would like to be part of a culture that drives innovation, delivers results, rewards performance and encourages ideas, then please press the "Apply Now" button to submit your resume.

In return, we agree to ensure a hiring process that is enjoyable, thorough, and fair. We strive to provide an environment that lets you thrive and show off the very best version of yourself, while learning about us at the same time.

Interviews and onboarding are conducted online, as part of us being a virtual-first company.

We are an Equal Opportunity Employer

DXC is proud to be an equal opportunity employer and we welcome submissions from people from all walks of life. We celebrate our diversity and recognise it is the unique contributions of our people that give us our edge.

Accommodation of special needs for qualified candidates may be considered within the framework of the DXC Accommodation Policy. In addition, DXC Technology is committed to working with and providing reasonable accommodation to support qualified individuals with physical and mental disabilities.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.