Security – SIEM Threat Responder

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
As SIEM Analyst you will be responsible for handling the daily monitoring of Information security events on the SIEM tools. These Senior Specialists are QRadar SMEs that are responsible for event analysis & threat responses. They would also be performing investigation of events escalated from monitoring (Level-1 & 2) team along with hygiene & availability of enterprise SOC platform.
Come join our team of IBM experts who are leaders with vision distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT migrate to cloud apply automation and ensure business continuity. We help client run their IT better accelerate innovation and deliver unmatched performance with the power automation.
If you thrive in a dynamic reciprocal workplace IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative thoughtful solutions to the table there’s no limit to what you can accomplish here.

Responsibilities:

• Cyber Security Threat Hunter should have knowledge regarding advanced persistent threats (APT) cybercriminal groups and hacktivist operations.
• Candidate should have knowledge and experience working with the Cyber Kill Chain Model Diamond Model or MITER ATT&CK Matrix.
• The ability to track APT groups motives analyse current security controls data logs and brief reporting for new ongoing cyber threat operations.
• Candidate must also understand security vulnerabilities and malicious actor tactics techniques and procedures (TTPs) to assess known and emerging cyber threats and better evaluate the effectiveness of layered defenses and toprovide strategic recommendations on new technical and non-technical protections.
• Successful shortlisted candidate will be working with our Threat Intelligence team to develop IOCs for specific cyber threat actors or groups and to understand their tactics techniques and procedures.

Required Technical and Professional Expertise

• Overall 4 years of experience with 3+ of relevant experience.
• B.E./ B.Tech/ MCA/ M.Sc. in Computer Science or IT
• Proven expertise in handling incident threat response incident co-ordination threat mitigation recovery support
• Security Consulting and policy tuning with Situational & environment awareness of business & Incident response.
• Proficient in monitoring security events from various SOC channels (SIEM Tickets Email and Phone) based on the security event severity to handle the service support teams tier2 information security specialists.
• Expertise in threat modelling and Use case development and ability to review policies of security monitoring tools based on security concepts and logical approach.
• Work in a 24×7 Security Operation Centre (SOC) environment

Preferred Technical and Professional Expertise

• Preferred SIEM OEM Certified SIEM Specialist + CEH
• Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
• Intuitive individual with an ability to manage change and proven time management
• Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
• Up-to-date technical knowledge by attending educational workshops reviewing publications