Senior Cyber Security Analyst

Introduction
A sneak peak into this role:
In this role you’ll work in our IBM Client Innovation Center (CIC) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. These centers offer our clients locally-based skills and technical expertise to drive innovation and adoption of new technology.

Your Role and Responsibilities
Why you’ll love your job:
You will join IBM Security Services which is a division of IBM Consulting responsible for delivering security services to its large global customers alongside major digital transformation projects in the application and cloud domains. You will join a team of 20 + Security Analysts who are looking after to monitor detect and respond to cyber threats.

You will be responsible for:

• Monitoring systems and processes security events and incidents using established processes
• Performing deep analysis of events and incidents escalated by Tier-1 Security Analysts
• Delegating the investigation of detected events to Tier-1 Security Analysts
• Determining whether critical systems and data are affected and initiating or recommending corrective actions
• Maintaining and updating detection rulesets following established processes
• Maintaining and updating an incident log and a lessons learned
• Categorizing and reporting incidents following established procedures
• Mentoring and supporting Tier-1 Security Analysts

Required Technical and Professional Expertise

• 2+ years of experience in working as a network security analyst in a security operations center
• extensive experience with all phases of incident response
• extensive experience in the inner-workings of Operating systems (Windows and Linux-based)
• experience working with Splunk
• extensive knowledge of network communications and routing protocols (e.g. TCP UDP Internet Control Message Protocol (ICMP) Border Gateway Protocol (BGP) Multi-Protocol Label Switching (MPLS) etc.) and common internet applications and standards (e.g. Simple Mail Transfer Protocol (SMTP) DNS DHCP SQL Hypertext Transfer Protocol (HTTP) Hypertext Transfer Protocol Secure (HTTPS) etc.).
• experience in programming and/or scripting languages
• experience managing and prioritizing large volume of alerts
• experience managing analyzing editing and crafting Intrusion Detection rules
• practical experience in Information Security concepts and technology
• excellent verbal and written communications skills
• willingness to work in 12h long shifts

Preferred Technical and Professional Expertise

• GIAC GCIH Certification
• GIAC GCIA Certification
• Microsoft Certified Windows Server Administrator (or equivalent Windows Certification)
• Redhat Certified Systems Administrator (or equivalent Linux certification)
• CISSP / CISM or equivalent certification