A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio including Software and Red Hat. Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you'll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Threat Detection and Analysis:
· Proactively search for threats and indicators of compromise (IoCs) across the organization’s network systems and applications.
· Analyze security data including logs and alerts to identify patterns and anomalies indicative of malicious activities.
· Develop and implement threat-hunting techniques and methodologies to detect sophisticated and emerging threats.
2. Incident Response:
· Collaborate with the Incident Response team to investigate and respond to security incidents.
· Provide insights and recommendations to improve incident handling and response procedures.
· Document findings report incidents and assist in the development of post-incident analysis and remediation plans.
3. Research and Development:
· Stay current with the latest cybersecurity threats vulnerabilities and trends.
· Research new attack vectors tactics techniques and procedures (TTPs) used by adversaries.
· Develop and test new threat-hunting techniques and tools to enhance the organization’s security posture.
4. Collaboration and Communication:
· Work closely with other security team members including SOC analysts security engineers and management to share insights and coordinate defense strategies.
· Prepare and present reports on threat-hunting activities findings and recommendations to stakeholders and executive leadership.
5. Continuous Improvement:
· Contribute to the development and refinement of threat-hunting processes and procedures.
· Participate in regular training and professional development to enhance skills and knowledge in cybersecurity.
Education:
· Bachelor’s degree in Computer Science Information Security or a related field. Relevant certifications (e.g. CISSP CEH GIAC) are a plus.
2. Experience:
· Minimum of 5 years of experience in cybersecurity with a focus on threat hunting incident response or security operations.
· Hands-on experience with threat-hunting tools and technologies (e.g. SIEM EDR threat intelligence platforms).
3. Skills:
· Strong understanding of network protocols operating systems and common attack vectors.
· Proficiency in analyzing and interpreting security data and logs.
· Experience with scripting or programming languages (e.g. Python PowerShell) for automation and analysis.
· Excellent problem-solving skills and the ability to think critically and analytically.
· Strong communication skills with the ability to convey complex technical information to non-technical stakeholders.
Experience with advanced threat-hunting methodologies and frameworks (e.g. MITRE ATT&CK). Along with tool exp is advantage - Cyble.
· Familiarity with cloud security and emerging technologies.
· Prior experience in a threat-hunting role within a large enterprise or complex environment.