Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
In this role, you will join IBM Security Services which is a division of IBM Consulting, responsible for delivering security services to its large global customers, alongside major digital transformation projects in the application and cloud domains.
You will join a team of 20+ Security Analysts who are looking after to monitor, detect and respond to cyber threats.
Your Role and Responsibilities
- Monitoring systems and processes security events and incidents using established processes
- Performing deep analysis of events and incidents escalated by Tier-1 Security Analysts
- Delegating the investigation of detected events to Tier-1 Security Analysts
- Determining whether critical systems and data are affected and initiating or recommending corrective actions
- Maintaining and updating detection rulesets following established processes
- Maintaining and updating an incident log and a lessons learned
- Categorizing and reporting incidents following established procedures
- Mentoring and supporting Tier-1 Security Analysts
Please note that Senior Analysts provide service in 24/7. The position is in a 12-hr shift rotation which includes nights, weekends, and holidays.
Required Technical and Professional Expertise
- 2+ years of experience in working as a network security analyst in a security operations center
- extensive experience with all phases of incident response
- extensive experience in the inner-workings of Operating systems (Windows and Linux-based)
- experience working with Qradar/MS Sentinel
- extensive knowledge of network communications and routing protocols (e.g., TCP, UDP, Internet Control Message Protocol (ICMP), Border Gateway Protocol (BGP), Multi-Protocol Label Switching (MPLS), etc.) and common internet applications and standards (e.g. Simple Mail Transfer Protocol (SMTP), DNS, DHCP, SQL, Hypertext Transfer Protocol (HTTP), Hypertext Transfer Protocol Secure (HTTPS), etc.).
- experience in programming and/or scripting languages
- experience managing and prioritizing large volume of alerts
- experience managing, analyzing, editing and crafting Intrusion Detection rules
- practical experience in Information Security concepts and technology
- excellent verbal and written communication skills
- willingness to work in 12h long shifts
Preferred Technical and Professional Expertise
- GIAC GCIH Certification
- GIAC GCIA Certification
- Microsoft Certified Windows Server Administrator (or equivalent Windows Certification)
- Redhat Certified Systems Administrator (or equivalent Linux certification)
- CISSP / CISM or equivalent certification
Read Full Description