A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you'll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience
* Experience in advance investigation triaging analysis and escalation of security incidents with recommendations
* Hands-on basic experience with configurations and management of SIEM tools(Qradar)Β including log source integrations custom parser built fine tuning and optimizing the correlation rules and use cases recommendations Is MUST.
* Proven Experience on any of the Security information and event management (SIEM) tools using Qradar
* Playbook development
* Data-driven threat hunting using SIEM EDR and XDR tools
* Basic Experience is SOAR tools such as Qradar Resilient PaloAlto XSOAR
* Identify quick defence techniques till permanent resolution.
* Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
* Review incidents escalated by Level 1 analysts.
* Launch and track investigations to resolution. Recognize attacks based on their signatures differentiates false positives from true intrusion attempts.
* Actively investigates the latest in security vulnerabilities advisories incidents and penetration techniques and notifies end users when appropriate.
* Identify the gaps in security environment & suggest the gap closure
* Drive & Support Change Management
* Performs and reviews tasks as identified in a daily task list.
* Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting
* Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS Microsoft Azure etc.
* Willing to work in 24x7 rotational shift model including night shift.
* 5+ Years Hands-on experience required in Qradar SIEM and SOAR.
* Desired experience in Threat hunting Threat intelligence.
* Worked on tools belongs to Qradar UEBA UAX.
* Bachelorβs degree in engineering/information security or a related field.
* Relevant certifications such as CEH CISSP CISM CompTIA CASP+ or equivalent.
* Proven experience to work in a SOC environment.
* Strong analytical and problem-solving skills.
* Excellent communication and collaboration abilities.
* Ability to work in a fast-paced dynamic environment.
* Deep technical knowledge of security technologies and advanced threat landscapes.