SOC Process Engineer

Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role you’ll be encouraged to challenge the norm investigate ideas outside of your role and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.

Your Role and Responsibilities

• Develop and maintain security policies processes and other documentation to ensure consistent efficient SOC operations. tailored to client needs.
• Work closely with all stakeholders to understand objectives and drive completion of key SOC activities.
• Communicate with client leadership to ensure SOC processes are compliant with federal standards and contract requirements.
• Offer expert advice and recommendations for improving security posture mitigating vulnerabilities and adhering to security standards.
• Assist with incident response and remediation activities including development of incident documentation and after-action reports.
• Update SOC processes based on lessons learned from incidents and incident response tests.

Required Technical and Professional Expertise
Minimum 3 years of experience developing policy and processes for security operations teams
– Ability to write clearly and concisely translating business objectives to technical policy
– Understanding of both technical and administrative aspects of SOC operation including security architecture tool administration personnel management and compliance
– Understanding of FISMA and RMF required artifacts including system security plans incident response plans POA&Ms and more
– CompTIA Security+ certification.
– Ability to analyze complex security issues and provide appropriate solutions or recommendations.
– Strong verbal communication skills with the ability to convey technical concepts to non-technical stakeholders.

Preferred Technical and Professional Expertise
Experience working with FedRAMP (Federal Risk and Authorization Management Program) compliance standards.
– Familiarity with NIST (National Institute of Standards and Technology) guidelines including NIST SP 800-53 and NIST Cybersecurity Framework (CSF).
– Knowledge of other security frameworks such as CIS Controls or ISO 27001.
– Previous experience working with Federal clients in a cloud-hosted environment.