Security Consultant-Soc

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities

• Oversee security event monitoring and threat management.
• Establish and maintain operational foundations for SOC operations.
• Coordinate effectively with stakeholders for incident management and escalation procedures.
• Create reports, dashboards, and provide insights for continuous process improvement.
• Act as a security advisor, providing guidance on security incidents and threats.
• Supervise analysts to ensure adherence to established protocols and improve SOC team performance.
• Regularly review SOC operations to ensure compliance with defined processes.
• Efficiently manage and track incident response timelines and SOC activity.
• Evaluate and propose improvements for SOC processes and procedures.
• Develop and assess performance metrics for SOC team effectiveness.
• Suggest additions or removals of log sources for monitoring purposes.
• Collaborate with external teams for incident management and ensure compliance with security policies and documentation.
• Implement and maintain integrated work schedules for 24x7x365 SOC operations
• Guide L1 teams in developing and configuring use cases for SOC monitoring tools.
• Lead SOC operations and own the Security Incident Management process
• Ensure operational control of SOC, integrating threat intelligence and related processes.
• Manage service delivery and client expectations effectively
• Develop and maintain reporting metrics for SOC activities
• Act as the Subject Matter Expert (SME) for Cyber Security incidents and provide strategic guidance
• Collaborate with internal and external teams for security incident remediation
• Proactively mitigate cyber security risks and enhance attack detection and response capabilities.

Required Technical and Professional Expertise

• 5+ years of experience in SOC, with 1+ year as a SOC Team Lead
• Strong knowledge of Linux-based systems.
• Experience with security device management and SIEM, including Wazuh and IBM QRadar.
• Expertise in cyber-attack techniques, threat vectors, risk management, and incident management.
• Hands-on experience with Wazuh SIEM tool for log analysis.
• Experience in managing Security Operations Centre’s/Managed Security Services.
• Proficiency in cyber security attack methods, advanced threat management, and SIEM tools.
• Knowledge of operating systems, applications, databases, and middleware for addressing security threats.
• Experience or knowledge in digital forensics.

Preferred Technical and Professional Expertise

• Professional certifications (Security+, CCSE, CCSP, TICSA, MCSE, etc.) are desirable.