Introduction

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities

Who you are:

We are actively seeking an experienced and highly skilled resource to join our elite cybersecurity team. In this role, you will play a critical part in shaping and implementing advanced security strategies to safeguard our organization against sophisticated cyber threats.

What you'll do:

Primary Responsibility:

• Working experience of 8-12 years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and vulnerability management or testing, system patching, log analysis, intrusion detection, or firewall administration.

• Lead and manage SOAR, SOC -IR, and SOC Engineering teams.

• Identify and operationalize the Threat hunting, SOAR, and SOC process, enhancement and features.

• Support the advanced analytics for critical security incidents, conduct the data-driven threat hunt

• Operationalize and mature the SOC services through Mitre Att&ck, NIST framework, and Cert-in guidelines but not limited.

• Identify training opportunities for the team to mature into a highly proactive & efficient security response team.

• Monitor multiple security technologies, such as SIEM, IDS/IPS, syslog, DLP, file integrity, vulnerability scanners.

• Enable to Correlate and analyze events using SIEM tool to detect IT security incidents.

• Be the POC for customer for any enhancement requirements in SOC

• Be the POC for representing weekly/Monthly/Quarterly security trends and enhancement to Customer (security officer/CSO/CISO)

• Enable integration and adherence to the multiple vetted sources of emerging security threats, risks and vulnerabilities by well assessing the same.

• Establish a robust KEDB/SOPs for security events/incidents and enable L1/L2 teams in maintaining/updating and following the same.

• Run mock triages on technical/approach/processes in SOC with the SOC team on a regular basis.

• Design & implement operational process and procedures to appropriately analyze, escalate, and assist in remediation of critical information security incidents.

• Provide 24x7 operational support for escalations.

• Moderate to Advanced event analysis leveraging SIEM tools

• Moderate incident investigation and response skill set

• Moderate SOAR workflow and playbook skill set

• Moderate threat hunting program skill set

• Moderate log parsing and analysis skill set

• Moderate knowledge of networking fundamentals (TCP/IP, network layers, Ethernet, ARP, etc)

• Moderate knowledge of malware operation and indicators

• Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc)

• Moderate knowledge or IDS/IPS systems

• Good knowledge and experience in Kill chain, Mitre Att&ck and Diamond model

• Moderate knowledge of Windows and Unix or Linux

• Moderate knowledge of Firewall and Proxy technology

• Basic to Moderate knowledge of penetration techniques

• Basic to Moderate knowledge of DDoS mitigation techniques

• Basic knowledge of Data Loss Prevention monitoring

• Basic experience with scripting

• Basic knowledge of forensic techniques

• Basic to Moderate protocol analysis experience (Wireshark, Gigastor, Netwitness, etc.)

• Basic knowledge of audit requirements (PCI, HIPPA, SOX, etc.)

• Experienced in mentoring and training junior analysts

How we'll help you grow:

• You'll have access to all the technical and management training courses you need to become the expert you want to be.

• Our team leads love to mentor in case of technical difficulty.

• You have the opportunity to work in many different areas to figure out what really excites you

Required Technical and Professional Expertise

• Hands-on experience required in Qradar SIEM and SOAR.

• Desired experience in Threat hunting, Threat intelligence.

• Worked on tools belongs to Qradar, UEBA, UAX.

• Must have desire to learn or cross skill with new technologies.

• Must be able to work in morning, evening, and night shifts (24*7) - Mandatory.

• Bachelor's degree in engineering/information security, or a related field.

• Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.

• Proven experience to work in a SOC environment.

• Deep technical knowledge of security technologies and advanced threat landscapes.

• Proven experience in managing and responding to complex security incidents.

• Strong analytical and problem-solving skills.

• Excellent communication and collaboration abilities.

• Ability to work in a fast-paced, dynamic environment.

Preferred Technical and Professional Expertise

• None

About Business UnitIBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.

This job requires you to be fully COVID-19 vaccinated prior to your start date and proof of vaccination status will be required before your start date. During the Onboarding process you will be asked to confirm your vaccination status, in case you are unable to get vaccinated for any reason, you can let us know at that stage. Please let us know if you are unable to be vaccinated due to medical or religious reasons. IBM will consider such requests on a case by case basis subject to submission of required proof by the candidate before a stipulated date.

Your Life @ IBMIn a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

Are you ready to be an IBMer?

About IBMIBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Location StatementWhen applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience.

For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBMIBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.