About the position
In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology. At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Responsibilities
- Senior SOC Analyst works within the 24/7 Cyber Fusion Center (CFC).
- Responsible for monitoring, triaging, analyzing and escalating incidents and events in the technology environment.
- Evaluate data collected from a variety of cyber operations tools (e.g., SIEM, IDS/IPS, Firewalls, network traffic logs, cloud platforms, and SOAR solutions) to analyze events that occur within the environments for the purposes of detecting and mitigating threats.
- Proactive and well-versed in log, identity, cloud, network, and root cause analysis.
Requirements
- Bachelor's Degree.
- Skills in email security, system event, network event, log analysis.
- Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security, operating system security, modern attack and exploitation techniques.
- Experience conducting event analysis in AWS and Azure environments.
- Ability to characterize and analyze alerts to understand potential and active threats.
- Perform event correlation using information gathered from a variety of sources within the enterprise.
Nice-to-haves
- Document and escalate events/incidents that may cause adverse impact to the environment.
- Provide daily summary reports of events and activity relevant to cyber operations.
- Perform Cyber Operations trend analysis and reporting.
- Perform high-quality triage and thorough analysis for all alerts.
- Demonstrate effective communication skills both written and verbal.
- Actively engage in team chats, calls, and face to face settings.
- Contribute to SOC runbooks/playbooks.
- Recommend improvements to automations, alert fidelity, and security controls.
- Experience / Knowledge in CyberArk, Azure SSO.
- Knowledge of enterprise web technologies, security, and cutting-edge infrastructures.
A Smarter and Faster Way to Build Your Resume