A career in IBM Consulting is rooted in long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment
In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
NDR Operations & Analysis
Monitor NDR alerts, anomalies, and threat detections.
Investigate suspicious network traffic patterns and escalate incidents as required.
Perform root cause analysis and support incident response activities.
Create reports and dashboards for threat visibility and management review.
Collaborate with SOC and other security teams for triage and resolution.
Administration & Tool Management
Configure and integrate the NDR solution with SIEM, SOAR, EDR, and firewalls.
Perform user access management, policy updates, and rule tuning.
Maintain system health (patching, upgrades, backup/restore, performance optimization).
Define and implement detection use cases and custom signatures.
Troubleshoot solution performance and connectivity issues.
Ensure logging, telemetry, and visibility across critical network segments.
Hands-on experience with NDR tools (e.g. Vectra, Darktrace, ExtraHop, Cisco Secure NDR, Corelight).
Knowledge of network protocols (TCP/IP, DNS, HTTP, SSL/TLS) and common attack techniques.
Familiarity with SOC operations: threat hunting, incident triage, and malware analysis.
Strong knowledge of system administration (Linux/Windows) and networking fundamentals.
Experience with integration of NDR with SIEM/SOAR platforms.
Good experience in cybersecurity or network security.
Bachelor's in Computer Science, Information Security, or related field (or equivalent experience).
Security certifications preferred (e.g. CCNA Security, CEH, CompTIA Security+, CISSP Associate, or vendor-specific NDR certifications).