Description
Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible.
Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk.
Your Role and Responsibilities
IBM Security Operations Center (SOC) Analysts are individual contributors responsible for providing IT security services to clients within the IBM Security Services Managed Security Services organization.
As a member of a team, or working independently, perform an analytical and technical role in threat investigation and containment, collaborate in response activities and perform root cause analysis.
This includes the use of interoperational processes, procedures, playbooks and runbooks. The role is part of a rotating shift schedule providing 24x7 coverage.
Responsibilities
Analyze events, flows and alerts, and perform advanced analysis of potential security incidents
Correlate events and identify tuning opportunities to keep the customer's console healthy
Work with customers during a crisis to help mitigate it and improve the client's security posture so that it does not recur
Make recommendations to clients about increasing security
Analyze traffic trends across the customer base to identify large-scale patterns
Report Security Events and make customer escalations based on traffic analysis
Work with client to help remediate and answer questions regarding security events
Identify trends in traffic and make recommendations to clients based on trends
Make recommendation to clients to improve security posture
Stay abreast of current and upcoming threats
Participate in regular meetings with teams to determine appropriate actions required to address new developing Security Threats
Create security events and escalate to customers based on traffic analysis
Participate in client calls to tune security policy to client needs
Support and Drive Vision
Mentor other analysts
Required Technical and Professional Expertise
Bachelor's degree in cyber security
3 years of experience in cyber security
2 years of experience in incident management and threat investigation
English level medium-high
Knowledge and experience with SIEM (QRadar, Splunk, Rapid7) and SOAR (Resilient, CrowdStrike) platforms
Availability for 24x7 shift work as part of a rotating shift schedule
Preferred Technical and Professional Expertise
Certified Incident Handler (GCIH, CSIH, ECIH, CFCA or similar)
5 years of experience in cyber security
3 years of experience in incident management and threat investigation
English level high