Information and Data are some of the most important organizational assets in today’s businesses. As a Security Consultant, you will be a key advisor for IBM’s clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client’s organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.
Your Role and Responsibilities
As a Threat Management consultant, you are responsible for the analysis of large amounts of data from vendors and internal sources, including various indicator feeds, Splunk, and several threat intelligence tools. Threat Hunters perform the functions of threat operations and hunting, serve as the liaison for Threat Intelligence in the Security Operations Center, and mentor the incident handling, incident response, and forensics teams.
Come join our team of IBM experts, who are leaders with vision, distinguished engineers and IT architects who have worked with thousands of clients to transform enterprise IT, migrate to cloud, apply automation and ensure business continuity. We help clients run their IT better, accelerate innovation and deliver unmatched performance with the power of automation.
If you thrive in a dynamic, reciprocal workplace, IBM provides an environment to explore new opportunities every single day. And if you relish the freedom to bring creative, thoughtful solutions to the table, there’s no limit to what you can accomplish here.
- Responsible for enhancing the Security Operations and Threat Intelligence workflow by redesigning processes and approaches to operationalize the sharing and utilization of actionable intelligence and indicators.
- Assist in identifying (hunting) and profiling threat actors and TTPs.
- Custom tool design to assist in analysis and investigation (related experience in programming, databases, system administration, etc.).
- Implementing integration/orchestration of existing security infrastructure and indicators.
- Design and run custom analysis models on (centralized) security event information to discover active threats, including collaboration on the development of use cases when appropriate.
- Perform as an Information Security SME in the following areas:
o Threat Intelligence
o Incident Response
o Log analysis (statistical modeling, correlation, pattern recognition, etc.)
o Microsoft platform (Server, workstation, applications)
o Open Systems platforms (Linux, UNIX, VMware ESX)
o Web Application
o Networking (firewalls, IDS/IPS, packet capture)
o Databases (Oracle, SQL Server, DB2, IMS)
- Providing mentorship and support to teammates regarding Threat Intelligence, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development.
- Capable of identifying needs, driving solutions and providing guidance in an autonomous manner.
Required Technical and Professional Expertise
- 7+ years of overall technical experience in threat intelligence, incident response, security operations, or a related information security field.
- 2+ years’ experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, RDBMS/NoSQL database administration, etc.
- 3+ years’ experience in penetration testing, ethical hacking, exploit writing, and vulnerability management.
- Deep understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc.
- Strong and recent experience with malware analysis and reverse engineering.
- Advanced experience with security operations tools, including but not limited to:
o SIEM (e.g. Splunk, ArcSight)
o Indicator management (e.g. ThreatConnect)
o Link/relationship analysis (e.g. Maltego, IBM i2 Analyst Notebook)
o Signature development/management (e.g. Snort rules, YARA rules)
- Broad experience with various common security infrastructure tools (NIDS, HIPS, EDR, etc.).
- Excellent analytical and problem-solving skills, with a passion for research and puzzle-solving.
- Expert understanding of large, complex corporate network environments.
- Strong communication (oral, written, presentation), interpersonal and consultative skills, especially in regard to white papers, briefs, and presentations.
Preferred Technical and Professional Expertise
- One or more security certifications: CEH, Security+, GSEC, GCIH, etc.
- You love collaborative environments that use agile methodologies to encourage creative design thinking and find innovative ways to develop with cutting-edge technologies.
- Ambitious individual who can work under their own direction towards agreed targets/goals, with a creative approach to work.
- Intuitive individual with an ability to manage change and proven time management skills.
- Proven interpersonal skills, contributing to team effort by accomplishing related results as needed.
- Keeps technical knowledge up to date by attending educational workshops and reviewing publications.