Dell CSIRT L2 Security Advisor in Bedford, Massachusetts

Why Work at Dell?

Endless challenges and rewards. Opportunities on six continents. A team of colleagues fueled by collaboration. All this, and a company deeply committed to integrity and responsibility.

CSIRT L2 Security Senior Analyst

Dell is a worldwide provider of information technology services and business solutions to a broad range of clients. We seek men and women who share our values, thrive in a team environment, and recognize the importance of accountability; people who strive to exceed expectations to ensure our Clients' success.

We are currently seeking a CSIRT L2 Security Senior Analyst to join our team in Bedford, MA.

Reporting to the Dell Global Incident Response Team, the Security Advisor is responsible for investigating and reporting of major security incidents supporting all Dell business units and mergers & acquisitions. This role requires experience in all phases of Cyber Security Incident Response including preparation, analysis, notification, response, recovery, and post-mortem. The Global Incident Response Team is responsible for coordinating with IT, Legal, Human Resources, and other appropriate business units to gather incident details, assess impact, and coordinate response. This role interacts with all levels of the organization, particularly within the Global IT organization and is viewed as a subject matter expert.

The focus of the role is primarily responding to security incidents, managing and consistently maturing the security incident response process to meet the needs of Dell, and building the Global Incident Response Team's technical investigative capabilities (process & technology).

Primary responsibilities:

  • Supervises formal incident response tasks.

  • To form and lead a leveraged virtual incident response team with the various global IT teams and business units and coordinates resources to effectively perform incident response tasks.

  • Takes responsibility for successful execution of incident response plan.

  • Presents incident response report and lessons learned to management.

  • Identify and recommend process improvements.

  • Provide security control enhancement recommendations based on security incident data.

  • Mature the Security Incident Response process to ensure it meets the needs of the global business and is adhered to.

  • To respond and perform technical security investigations on security incidents, root cause analysis, recommend and mitigate the effects caused by an incident.

  • Communicate and build effective relationships with people at all levels.

  • Responsible to manage and drive to closure all Audit issues to the Incident Response and Management process.

  • Attend internal and vendor training if and when required.

  • Communicates and educate information security risks to end-users.

  • Design and coordinate cohesive responses to security events that involve multiple teams across the organization.

  • Build security utilities and tools for internal use that enables you and your fellow team mates to operate at high speed and broad scale.

  • Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.

  • Perform deep dive analysis of malicious artefacts.

  • Provide situational awareness on the current threat landscape and the techniques, tactics and procedures associated with specific threats.

  • Reviews, analyzes and resolves difficult and complex information security incidents.

  • Develops new approaches and techniques for use by others.

  • Work with the Security Response Center analysts on incident response tickets and manage / prioritize queue assignments.

  • Documentation and communication of findings.

  • Plan and execute annual Security Incident Response table top exercises.


  • Proven ability to think analytically and solve technical and business problems required.

  • Exceptional ability to analyze and distil relevant findings and determine root cause.

  • Ability to conduct investigations on compromised computers and servers.

  • Proficiency in conducting live assessments on networks, and multiple platforms.

  • Experience in Log and Event analysis as well as correlation of data.

  • Hands-on experience in building automated tools in one or more of the following languages: Python, Ruby, PowerShell, Bash, Batch, C, and C++.Strong knowledge of web technologies, networking protocols, Microsoft Windows and Linux/Unix platforms and tools.

  • Excellent command in English, both written and verbal.

  • Ability to exercise discretion and maintain confidentiality.

  • Excellent time management skills.

  • Excellent coordination skills.

  • Experience in project management / coordination or working in a project team.

  • Reliability, diligence and self-management.

  • Strong customer service skills.

  • Positive and professional attitude.

  • Ability to work in a dynamic and multicultural environment.

  • Technical experience and familiarity of various types and techniques of cyber-attacks.3 - 5 years hands-on experience with focus in areas such as systems, network, application, and information security.

  • ITIL Service Management and/or SANS Advanced Digital Forensics and Incident response qualification (FOR508) is a plus.

  • Tertiary qualifications in Information Systems and specialization in Information Security.Must possess either one or more of the following certifications – CISSP, CEH, CHFI, CISA, CISM and/or PM

Dell is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Dell are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, national, social or ethnic origin, sex (including pregnancy), age, physical, mental or sensory disability, HIV status, sexual orientation, gender identity and/or expression, marital, civil union or domestic partnership status, past or present military service, family medical history or genetic information, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Dell will not tolerate discrimination or harassment based on any of these characteristics. Learn more about Diversity and Inclusion at Dell here