Security – SIEM Threat Responder

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities

• Cyber Security Threat Hunter should have knowledge regarding advanced persistent threats (APT) cybercriminal groups and hacktivist operations.
• Candidate should have knowledge and experience working with the Cyber Kill Chain Model Diamond Model or MITER ATT&CK Matrix.
• The ability to track APT groups motives analyse current security controls data logs and brief reporting for new ongoing cyber threat operations.
• Candidate must also understand security vulnerabilities and malicious actor tactics techniques and procedures (TTPs) to assess known and emerging cyber threats and better evaluate the effectiveness of layered defences and to provide strategic recommendations on new technical and non-technical protections.
• Successful shortlisted candidate will be working with our Threat Intelligence team to develop IOCs for specific cyber threat actors or groups and to understand their tactics techniques and procedures.

Required Technical and Professional Expertise

• Overall 4 years of experience with 3+ of relevant experience.
• B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT ONLY
• CEH CERTIFICATION is a must
• Proven expertise in handling incident threat response incident co-ordination threat mitigation recovery support
• Security Consulting and policy tuning with Situational & environment awareness of business & Incident response.
• Proficient in monitoring security events from various SOC channels (SIEM Tickets Email and Phone) based on the security event severity to handle the service support teams tier2 information security specialists.
• Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach.
• Work in a 24×7 Security Operation Centre (SOC) environment

Preferred Technical and Professional Expertise

• Preferred SIEM OEM Certified SIEM Specialist
• Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
• Intuitive individual with an ability to manage change and proven time management
• Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
• Up-to-date technical knowledge by attending educational workshops reviewing publications