Job
Description
IBM Consulting Overview In this role, you'll work in one of IBM Consulting Client Innovation Centers (Delivery Centers), where deep technical and industry expertise is delivered to a wide range of public and private sector clients globally. These delivery centers offer locally based skills and technical expertise to drive innovation and new technology adoption. Your Role and Responsibilities As a Senior SOC Analyst, you will be part of the 24/7 Cyber Fusion Center (CFC), responsible for monitoring, triaging, analyzing, and escalating incidents in a dynamic technology environment. Your role includes: Evaluating data collected from cyber operations tools (SIEM, IDS/IPS, firewalls, network traffic logs, cloud platforms, and SOAR solutions). Detecting and mitigating threats in both structured and unstructured situations. Conducting log, identity, cloud, network, and root cause analysis to improve security posture. Required Education Bachelor's Degree Preferred Education Master's Degree Required Technical and Professional Expertise Expertise in email security, system events, network events, and log analysis. Strong knowledge of TCP/IP network security, OS security, and modern attack techniques. Event analysis experience in AWS and Azure environments. Ability to characterize and analyze alerts to assess potential threats. Perform event correlation by gathering information from various sources to understand and determine attack patterns. Preferred Technical and Professional Experience Document and escalate events/incidents with potential impact on environments. Provide daily summary reports of cyber operations events and activity. Perform cyber operations trend analysis and reporting. Conduct high-quality triage and analysis for all alerts. Demonstrate effective written and verbal communication skills, engaging in team chats, calls, and in-person discussions. Constantly contribute to SOC runbooks/playbooks. Recommend improvements to automation, alert fidelity, and security controls. Experience with CyberArk, Azure SSO, and enterprise security technologies.
