Threat Hunter

Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant you will be a key advisor for IBM’s clients analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
Why you’ll love your job:
You will join IBM Security Services which is a division of IBM Consulting responsible for delivering security services to its large global customers alongside major digital transformation projects in the application and cloud domains. You will join a team of 20 + Security Analysts who are looking after to monitor detect and respond to cyber threats. This is an excellent opportunity to learn and apply cybersecurity fundamentals using leading edge tools. Learn more about the SOC Security Operations Centre here . We look for motivated junior professionals who are keen to learn and grow.

You will be responsible for:
• Threat hunting and incident response activities in the customer environment using Azure /Microsoft Sentinel
• Demonstrating the ability to recognize attacks and attack patterns
• Deep analysis of threats
• Developing attack detection and playbooks
• Giving feedback to the analyst team on previous incidents

Required Technical and Professional Expertise

• Minimum of 6 years of relevant job experience
• Minimum of 2 years of experience in threat analysis & (technical) threat hunting
• Knowledge and experience in analysis of various threat actor groups attack patterns and tactics techniques and procedures (TTPs) deep analysis of threats across the enterprise by combining security rules content policy and relevant datasets
• Ability to recognize and research attacks and attack patterns
• Demonstrable systems thinking and ability to clearly synthesize and communicate complex topics
• Ability to collaborate in a virtual team and interface with multitude of stakeholders within or outside the SOC
• Experience in creating clear & well-articulated documents /artefacts

Preferred Technical and Professional Expertise
• Bachelor’s Degree in either of the disciplines: Computer Science Automation Electronics
Electrical Telecommunications Computer Engineering
• Knowledge of either of SIEM tools – Sentinel Qradar or Splunk
• Experience in one of the domains: Identity and Access Data Security Network & Endpoint Security
Cloud Security Security Operation Centre etc.