Content Engineer

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
Why you’ll love your job:
You will join IBM Security Services which is a division of IBM Consulting responsible for delivering security services to its large global customers alongside major digital transformation projects in the application and cloud domains. You will join a team of 20 + Security Analysts who are looking after to monitor detect and respond to cyber threats. This is an excellent opportunity to learn and apply cybersecurity fundamentals using leading edge tools. Learn more about the SOC Security Operations Centre here . We look for motivated junior professionals who are keen to learn and grow.

Your Role and Responsibilities :

• Leading complex automation and tuning activities • Preparing and implementing automation and tuning solutions. • Collaborating daily with cross-functional teams internally and with clients. Mainly incident response analysts threat hunters architects and security consultants. • Creating weekly (operational) and monthly (executive) engineering reports about fine-tuning and automation of detection rules and efficiency of SOC measured against agreed meters. • Responsible for understanding contractual baselines and pushing forward to achieve them via driving necessary meetings and development tasks. • Act as the primary point of contact when it comes to troubleshooting designing and deploying security workbooks playbooks data connectors and analytical rules.

Required Technical and Professional Expertise
• Understanding of VPN IDP/IPS WAF and Firewall systems
• Understanding of Cyber Kill Chain and MITRE ATT&CK frameworks
• Hands-on experience with managing Microsoft Cloud Security Suite such as Azure AD Sentinel (SIEM) Defender (XDR) and MDE
• Good knowledge of enterprise SOC structure SOC-as-a-service
• Good knowledge of use case and workflow management
• Capability of composing and understanding advanced KQL
• Microsoft Certified SC-900 and AZ-900

Preferred Technical and Professional Expertise
• Familiar with ticketing systems such as ServiceNow
• Familiar with Kanban boards such as Trello or in M365 Teams
• Familiar with Zscaler Checkpoint Fortinet Cisco Crowstrike Proofpoint CyberArk systems and their logs
• Familiar with MaGMa framework IoT Security SIGMA rules or GitHub
• Experience in malware analysis or reverse engineering
• Microsoft Certified SC-100 SC-200 SC-300 SC-400 AZ-500