Location
Pune | India
Job description
Your Role and Responsibilities
As a Security Delivery Specialist-SOC ,you are responsible for managing day to day operations of Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM.
Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help client run their IT better, accelerate innovation and deliver unmatched performance with the power automation.
If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there's no limit to what you can accomplish here.
Role and Responsibilities - Overall responsible for Incident response, analysis, and recommendation through SIEM and EDR.
- Responsible for threat hunting activity using SIEM, EDR and other hunting tools and technologies.
- Good understanding of Mitre Framework, NIST framework and Cyber Kill Chain Process.
- Overall responsible for SIEM and EDR platform.
- Mentor and support L1 and L2 team for technical expertise and skills.
- Responsible for L1 and L2 team members skill development and trainings.
- Handle L2 and above level technical escalations from L1 Operations team and resolve within SLA.
- Drive Process and technology standardization.
- Walkthrough of the daily, weekly, and monthly SOC reports to the customer/stake holders.
- Finetune of existing use case of SIEM to reduce false positive.
- Drive task automations jointly with automation team.
- Participate in periodic customer meetings.
- Create and manage various KEDBs the SOPs, runbooks, asset inventory with
- risk classification, critical application flow diagram, network flow diagram, privileged user list. Ready to work in 24x7 rotational shift model including night shift.
- Mentor and monitor team members for their daily activities.
- Create and manage various KEDBs the SOPs, runbooks, asset inventory with risk classification, critical application flow diagram, network flow diagram, privilege user list.
- Identify the process and technology gaps and drive for closure.
- Explore different technologies available in the security industry.
- Analyse and tune threat monitoring dashboards.
- Closely work with SOC team and be responsible for incident detection, triage, analysis and response.
- Performing TI based and hypothesis driven threat hunting oriented to SIEM logs.
- Support the incident response team during major security incident with advance investigation skills.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
Required Technical and Professional Expertise
- 2-4 + years of IT experience in security with at least 2+ Years in Security Operation centre with SIEMs, EDR, Threat Hunting, Threat Intelligence, and knowledge on various cloud platform.
- Expertise in Security Device Management SIEM, Arcsight, Qradar, Slunk incident response, threat hunting, Use case engineering, device integration with SIEM, Various error notification management in SIEM and EDR.
- Working knowledge of industry standard risk, governance and security standard methodologies
- Proficient in incident response processes - detection, triage, incident analysis, remediation, and reporting
- Has good presentation skill with PPT preparation and competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc.
- Ability to multitask and work independently with minimal direction and maximum accountability.
Preferred Technical and Professional Experience
- One or more security certifications: CEH, ECIH, Security+, CISSP, OSCP etc.,
- You love collaborative environments that use agile methodologies to encourage creative design thinking and find innovative ways to develop with cutting edge technologies.
- Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work.
- Proven interpersonal skills while contributing to team effort by accomplishing related results as needed.
- Up-to-date technical knowledge by attending educational workshops, reviewing publications.
Other Relevant Job Details
When applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience.
For additional information about location requirements, please discuss with the recruiter following submission of your application.
Introduction
Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Wonder if IBM is the one for you?
In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.
Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.
Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.
Are you ready to be an IBMer?
About Business Unit
IBM Consulting is IBM’s consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients’ businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.
About IBM
IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.
At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
IBM Vaccination Policy
This job requires you to be fully COVID-19 vaccinated prior to your start date and proof of vaccination status will be required before your start date. During the Onboarding process you will be asked to confirm your vaccination status, in case you are unable to get vaccinated for any reason, you can let us know at that stage. Please let us know if you are unable to be vaccinated due to medical or religious reasons. IBM will consider such requests on a case by case basis subject to submission of required proof by the candidate before a stipulated date.
Job tags
Salary