Job Description
IntroductionInformation and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities - Monitor and analyze security events and incidents.
- Establish foundational operations and procedures for SOC.
- Manage and improve threat detection and response processes.
- Collaborate with stakeholders to ensure alignment on security needs.
- Generate reports and dashboards for tracking SOC performance.
- Oversee process improvement programs for SOC operations.
- Act as a security advisor, providing expertise on security matters.
- Guide analysts in protocol adherence and supervise team members.
- Maintain up-to-date knowledge of cybersecurity developments.
- Regularly review SOC operations and ensure compliance with established processes.
- Manage escalation procedures efficiently and ensure timely resolutions.
- Monitor and review incident and case records for compliance and efficiency.
- Track timeline adherence for SOC activities and enhance efficiency.
- Continuously assess and improve SOC team processes and procedures.
- Develop and assess metrics to gauge SOC team performance.
- Recommend log sources to include or remove from monitoring scope.
- Coordinate with external teams during incident management events.
- Develop, implement, and maintain SOC policies, procedures, and documentation.
- Manage and schedule 24x7x365 SOC operations to ensure resource availability.
- Guide the L1 team in use-case development and configuration on SOC monitoring tools.
- Provide leadership and oversight for SOC operations, owning the Security Incident Management process.
- Integrate SOC, Threat Intelligence, and related processes for operational control.
- Deliver client-facing services, managing expectations and service delivery.
- Design and track reporting metrics to measure SOC activity effectiveness.
- As a Subject Matter Expert (SME) on Cybersecurity, advise on Security Incidents and Threats.
- Collaborate with internal and external contacts to remediate security incidents.
- Proactively mitigate cybersecurity risks, enhancing detection and response protocols.
Required Technical and Professional Expertise
- 5+ years of SOC experience, including 1+ year in a team lead role.
- Strong proficiency with Linux-based systems.
- Experience in security device management and SIEM (e.g., Wazuh, IBM QRadar).
- In-depth understanding of security concepts (cyber-attacks, threat vectors, risk management, incident management).
- Expertise in analyzing logs, particularly using Wazuh SIEM tools.
- Proven experience in SOC or Managed Security Services management.
- Advanced knowledge of cybersecurity threats, tools, and techniques.
- Proficiency with SIEM, SOAR, and Threat Intelligence platforms.
Preferred Technical and Professional Expertise
- Knowledge of diverse operating systems, applications, databases, and middleware to address security threats.
- Familiarity with digital forensics.
- Desirable professional certifications (e.g., Security+, CCSE, CCSP, TICSA, MCSE).