Security Consultant - Cloud and Network Security

Introduction
Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities

• Closely work with SOC team and be responsible for incident detection, triage, analysis and response and resolution.
• Daily Health check of multi-vendor Security Devices and action according to the requirements.
• Analysis and response to Device monitoring alerts/tickets.
• Support the incident response team during major security incident with advance investigation skills.
• Handle L2 and above level technical escalations from L1 Operations team and resolve within SLA.
• Finetune of existing use case of SIEM to reduce false positive.
• Periodic security rule review and suggestions for continuous improvement of client security posture.
• Escalation handling, reporting and resolutions within SLA.
• Preparation and walkthrough of the daily, weekly, and monthly reports to the customer/stake holders.
• Ready to work in 24x7 rotational shift model including night shift.
• Incorporate and follow all change management processes and procedures as outlined by the customer.
• Participate in security and vulnerability risk assessments of the enterprise firewall environment.
• Identify the process and technology gaps and drive for closure.
• Explore different technologies available in the security industry.
• Coordination with different stakeholders for closure of SR/CR/IN.
• Coordination with internal customers for their security related problems and providing solutions.
• Create and manage various KEDBs the SOPs, runbooks, asset inventory with risk classification, critical application flow diagram, network flow diagram, privileged user list.
• Continually improve upon skills and ability to learn new technologies
• Mentor and monitor L1 team members for their daily activities.
• Provide KT and required training to other team members.

Who you are: Cloud and Infrastructure Security Operations Delivery.

What you'll do: Support multiple customers using multi-vendor security technologies by securing their day-to-day business delivery.

Required Technical and Professional Expertise

• Handson experience in at least two vendor firewalls (Fortigate/PaloAlto/Checkpoint/Cisco/Juniper/ Sonicwall, Azure native)
• Handson experience in at least one vendor Web Application Firewall (WAF) (Fortigate/F5/Checkpoint/ Cisco/Citrix NetScaler/Azure Native)
• Handson experience in at least one vendor Proxy (Forcepoint/Mcafee/Bluecoat/Zscalar/TrendMicro/ Prisma)
• Handson experience troubleshooting and problem solving a wide variety of client IT security related issues using these technologies (Cisco FTD/Palo Alto/Checkpoint/Fortinet/Azure firewalls, IDS/IPS, VPN, proxy, Bluecoat/Forcepoint/Zscalar Web filtering).
• Should have good technical knowledge and hands on in cloud security solutions (AWS, Azure) like Microsoft cloud native security, PaloAlto, Zscalar.
• Experience on firewall rules and data flow.
• Experience on clustering and high availability.
• Manage day to day firewall operations, implementing firewall rule requests i.e. configuration changes like Port opening, fine tuning.
• License update, Version management.
• Experience in configuration and implementation of VPN across various vendor perimeter devices.
• Experience in routing technologies.
• Skilled in analysing and monitoring network security solutions.
• Managing whitelist and blacklist files

Preferred Technical and Professional Expertise

• Knowledge on IPS/IDS, DDoS, Cisco ISE, VSG, NSG, LLB, GSLB are added advantage.
• Linux Basic knowledge, Advanced preferable.
• Basic Scripting knowledge in Python or shell scripting.
• MS Visio.