Team Lead, SecOps

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
The Team Lead SecOps role:

• Perform monitoring and analysis of event activities identify data exfiltration violations build & document standard procedures and policies investigate issues & document findings and assist with the implementation of security controls and risk security awareness efforts
• Takes an active part in the gathering of threat intel provide analysis of internal & external security intelligence feeds triage analysis and response to security threats and escalate as needed to the next level as per Security Incident Management Process for severe intelligence findings
• Teamwork adaptability listening high integrity & work ethic communication positive demeanor and high level of ownership and accountability
• Actively establish & strengthen relationships with external and internal stakeholders
• Assist in developing knowledge assets such as methodologies processes procedures templates frameworks white papers etc.
• Work in a team and mentor other members in the team to identify potential business opportunities on existing consulting engagements
• Suggest ideas on improving engagement productivity and identify opportunities for improving client service

Required Technical and Professional Expertise

• Minimum of 7 to 8 years of experience in a senior or supervisory role in the cyber security domain experience in stakeholder management with C or V-suite is a big plus
• Strong analytical and problem-solving skills and has the ability to create a containment strategy and execution experience in cyber security operations engineering and project management is a big plus
• Have hands-on experience on network security zone administration configurations IDS policies Knowledge of systems communications from Layer 1 to 7 packet capture and analysis or;
• Have hands-on experience on Windows & Linux Server Administration Systems Administration Middleware and Application Administration log formats & analysis ability to aggregate and parse log data for syslog http logs DB logs for investigation purposes

Preferred Technical and Professional Expertise

• Experience in 24×7 CyberSecurity Ops or SOC within a large scale and complex environment is highly desired and/or;
• In−depth experience with log search tools and SIEM tools such as Splunk Arcsight Mcafee usage of regular expressions and natural language queries and/or;

• Experience with Security Assessment tools (NMAP Nessus Metasploit Netcat) and/or;
• Background on vulnerability analysis management remediation and compliance and/or;