Introduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience
Your Role and Responsibilities Key Responsibilities:
Lead Incident Response (IR):
Act as the Subject matter expert for security incidents.
Analyze and respond to security breaches, perform root cause analysis, and coordinate remediation efforts.
Provide leadership during incident investigations, ensuring rapid and thorough handling.
SOC Automation & Integration:
Leverage Python scripting and Palo Alto XSOAR to automate security processes, streamline incident response, and enhance detection capabilities.
Design, implement, and maintain playbooks within XSOAR to address emerging security threats.
Threat Hunting & Monitoring:
Proactively perform threat hunting activities to detect advanced threats that may bypass existing security solutions.
Leverage both internal and external threat intelligence to identify and mitigate potential security risks.
OSINT Utilization:
Utilize Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information for early identification of threats.
Collaboration & Communication:
Collaborate with other teams (IT, legal, risk) to align incident response strategies.
Clearly communicate complex security issues to both technical and non-technical stakeholders through reports and presentations.
Provide security awareness training and mentoring to SOC analysts and other team members.
Required Technical and Professional Expertise
6+ years of experience in IT security with SOC Operations
Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM
Working knowledge of industry standard risk, governance and security standard methodologies
Proficient in incident response processes – detection, triage, incident analysis, remediation and reporting
Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc
Expertise in Python scripting and Palo-alto XSOAR
Preferred Technical and Professional Expertise
One or more security certifications: CEH, Security+, GSEC, GCIH, etc.,
