Technical Consultant: Security Intel & Operations Consulting Svcs

Introduction
In this role you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers) where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

At IBM work is more than a job – it’s a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better but to attempt things you’ve never thought possible. Are you ready to lead in this new era of technology and solve some of the world’s most challenging problems? If so lets talk.

Your Role and Responsibilities

• Senior SOC Analyst works within the 24/7 Cyber Fusion Center (CFC).
• The role is responsible for monitoring triaging analyzing and escalating incidents and events in the technology environment.
• This Senior SOC Analyst will evaluate data collected from a variety of cyber operations tools (e.g. SIEM IDS/IPS Firewalls network traffic logs cloud platforms and SOAR solutions to analyze events that occur within the environments for the purposes of detecting and mitigating threats in both structured and unstructured situations.
• Individuals in this role are proactive and well-versed in log identity cloud network and root cause analysis.

Required Technical and Professional Expertise

• Senior SOC Analyst must have skills in email security system event network event log analysis. Knowledge of common IT and security technology concepts with emphasis on TCP/IP network security operating system security modern attack and exploitation techniques is important.
• Experience conducting event analysis in AWS and Azure environments. Characterize and analyse alerts to understand potential and active threats.
• Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the nature and characteristics of events that could be an observed attack.

Preferred Technical and Professional Expertise

• Document and escalate events/incidents that may cause adverse impact to the environment. Provide daily summary reports of events and activity relevant to cyber operations. Perform Cyber Operations trend analysis and reporting.
• Perform high-quality triage and thorough analysis for all alerts. Demonstrate effective communication skills both written and verbal. Actively engage in team chats calls and face to face settings. Constantly contribute to SOC runbooks/playbooks
• Recommend improvements to automations alert fidelity and security controls. Preferred Experience: Experience / Knowledge in CyberArk Azure SSO. Knowledge of enterprise web technologies security and cutting-edge infrastructures