Security Specialist-SOC Engineer

Introduction
At IBM work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so lets talk.

Your Role and Responsibilities

• Responsible for QRadar operations and maintenance administration of underlying Operating system
• Person Will be responsible for Incident Validation Incident Analysis Solution Recommendation Resolve Escalations Maintain Knowledge base/play book creation. Rule base Management General SOC Administration Resolve user queries
• Log source integration and troubleshooting
• Incident Triage – incident classification and prioritization.
• Incident response by escalating qualified incidents to SOC in-charge / Project Manager.
• Preparing Incident Dashboard and Health check dashboards
• Periodic Patch upgrade and system upgrades
• Person should have worked on IBM QRadar or similar tool
• Person should have prior hands-on experience in FortiGate / Checkpoint Firewall and / or End-point security
• Willing to work in 24×7 rotation shift including night shifts

Required Technical and Professional Expertise

• 1 to 2 years Working experience in L1 analytics like incident detection triaging and basic analysis using any one of the SIEM tools like Qradar
• Experience in report management using SIEM tools
• Experience in ITIL process for Incident change and problem management
• Knowledge in TCP/IP and OSI/ISO Model
• Basic knowledge in routing and routing protocols
• Knowledge in IP addressing and subnetting
• Good understanding of various attacks like Port scan network scan ddos malware virus worms ransomware cross-site scripting cross-site scripting forgery attacks Sql Injection
• Experience in ticket creation and tracking using ITIL Process
• Experience in maintaining and updating Help files device inventory and run books
• Basic understanding of Cloud computing
• Basic understanding and use of dashboards use cases reports rule tuning log sources in SIEM
• Basic understanding on threat intelligence and on threat intelligence feeds

Preferred Technical and Professional Expertise

• Certifications: CEH or Comptia Security+ or Qradar foundations or Equivalent
• Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
• Intuitive individual with an ability to manage change and proven time management
• Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
• Up-to-date technical knowledge by attending educational workshops reviewing publications
• Scripting knowledge in python json shell scripting