Senior Cyber Security Analyst

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities

As senior Senior Cyber Security Analyst you will be responsible for the detailed investigation of the systems that raise alerts and those that are escalated by the Tier 1 SOC analysts and will recommend or initiate appropriate courses of action to support overall Readiness requirements.

• • Monitoring systems and processes security events and incidents using established processes
  • Performing deep analysis of events and incidents escalated by Tier-1 security analysts.
  • Delegating the investigation of detected events to Tier-1 Security analysts
  • Determining whether critical systems and data are affected and initiates or recommends corrective actions.
  • Maintaining and updates detection rulesets following established processes.
  • Maintaining and updates an incident log and a lessons learned
  • Categorizing and reports incidents following established procedures.
  • Supporting the 24x7x365 SOC by providing a view of security events and network activity
  • Mentoring and supporting Tier-1 security analysts

Required Technical and Professional Expertise

• Quality experience in working as a network security analyst in a security operations center
• Extensive experience with all phases of incident response
• Extensive experience in the inner-workings of Operating systems (Windows and Linux-based)
• Extensive knowledge of network communications and routing protocols
• Experience in programming and/or scripting languages
• Extensive experience using SIEM applications
• Experience managing and prioritizing large volume of alerts
• Experience managing analyzing editing and crafting Intrusion Detection rules
• Practical experience in Information Security concepts and technology
• English – excellent verbal and written communications skills

Preferred Technical and Professional Expertise

• GIAC GCIH Certification
• GIAC GCIA Certification
• Microsoft Certified Windows Server Administrator (or equivalent Windows Certification)
• Redhat Certified Systems Administrator (or equivalent Linux certification)
• CISSP / CISM or equivalent certification