Introduction
In this role you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology
In this role you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
Your role and responsibilities
- The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch where the candidate should have the skills and knowledge to gather all the required information to build the SIEM solution.
- In-depth knowledge of technical approaches in security analytics monitoring and alerting. Maintains technical knowledge within areas of expertise.
- This role is also responsible for identifying analyzing developing new or tuning & Refinement of the content or use cases. Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation
Required education
Bachelor's Degree
Preferred education
Master's Degree
Required technical and professional expertise
- Should have experience in any of the query language i.eĀ AQL KQL SPL LEQL etc for writing the complex queries & saved search creation.
- Should have strong knowledge of different cybersecurity frameworks i.e.MITRE NIST and Cyber kill chain model.
- Should have understanding of regular expression writing and custom parsing
Preferred technical and professional experience
- Collaborate with key stakeholders within technology application and cyber security to develop use cases to address specific business needs.
- Create technical documentation around the content deployed to the SIEM.
- Creates and develops correlation and detection rules with SIEM solution reports & dashboards to detect emerging threats