IBM Technical Consultant-Security Intel & Operations Consulting Svcs 

India, Karnataka, Bengaluru 

167702069

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

• The SIEM Administrator will be responsible for administering the deployed SIEM service. The candidate is also expected to have hands on experience of deploying a SIEM solution from scratch, where the candidate should have the skills and knowledge to gather all the required information to build the SIEM solution.
• In-depth knowledge of technical approaches in security analytics, monitoring and alerting. Maintains technical knowledge within areas of expertise.
• This role is also responsible for identifying, analyzing, developing new or tuning & Refinement of the content or use cases. Strong problem solving and troubleshooting skills including the ability to perform root cause analysis for preventative investigation

• Should have experience in any of the query language i.e AQL ,KQL, SPL, LEQL etc for writing the complex queries & saved search creation.
• Should have strong knowledge of different cybersecurity frameworks i.e.MITRE, NIST and Cyber kill chain model.
• Should have understanding of regular expression writing and custom parsing

• Collaborate with key stakeholders within technology, application and cyber security to develop use cases to address specific business needs.
• Create technical documentation around the content deployed to the SIEM.
• Creates and develops correlation and detection rules with SIEM solution, reports & dashboards to detect emerging threats