IntroductionInformation and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and ResponsibilitiesAs Security Analyst, you are responsible for security monitoring, detection and incident response to defend information, infrastructure and products.Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation.If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here.Responsibilities- Provide security monitoring and incident response services supporting the mission to protect data , products and infrastructure
- Support a coordinated response to complex cyber-attacks that threaten assets, intellectual property, networks and computer systems
- Contribute to the development and improvement of security monitoring and incident response processes and solutions as required to support our cyber security program
- Operate security monitoring and incident response tools with a focus on continuous improvement
- Research and recommend solutions for incident response and digital forensics.
- SIEM (Security Information Event Management) monitoring
- IDS/IPS (Intrusion Detection System/Intrusion Prevention System) monitoring
- Experience with log analysis, event correlation, incident management procedures and systems
- Prior experience leveraging common scripting languages (PowerShell, bash, Python) to parse logs, and automate repeatable tasks
- Proactive detection and remediation of new exploits
- Experience with threat Hunting
- Experience with IOC Enrichment and Analysis
- Security process improvement
Required Technical and Professional Expertise- Minimum 6+ years of prior hands-on experience in cyber security or information technology discipline
- Experience using at least one major SIEM (Qradar, Arcsight) system
- Exposure of TCP/IP networking including knowledge of protocols and services
- Proficient in monitoring security events from various SOC channels (SIEM, Tickets, Email and Phone),based on the security event severity to handle the service support teams, tier2 information security specialists
- Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach
Preferred Technical and Professional Expertise- Preferably Qradar or Arcsight or CEH certified.
- Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
- Intuitive individual with an ability to manage change and proven time management
- Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
- Up-to-date technical knowledge by attending educational workshops, reviewing publications
- Any entrant or Professional skill on shell scripting, AIX, Linux.