IBM SOC Engineer -SIEM 

India, Haryana, Gurugram District 

218836999

What you’ll do:
Primary Responsibility:

• Working experience of 8+ Years

• SOC Engineer would work closely with the SOC team and be responsible for SIEM engineering activities such as log source integration, Use case development and enhancement, Rule tuning, dashboard and report development, and Platform upgradation.
• Support the incident response team during an incident.
• Hands-on experience with configurations and management of SIEM tools(Qradar) including log source integrations, custom parser built, fine-tuning, and optimizing the correlation rules and use cases Is a MUST.
• Proven Experience with Security information and event management (SIEM) tools like Qradar
• Identify quick defense techniques till permanent resolution.
• Proven Experience with SOAR solutions like Qradar Resilient and developing workflows and playbooks
• Recognize successful intrusions and compromises by reviewing and analyzing relevant event detail information.
• Review incidents escalated by Level 1 analysts for rule tuning and use case enhancement
• Launch and track investigations to resolution. Recognize attacks based on their signatures, and differentiates false positives from true intrusion attempts.
• Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate.
• Identify the gaps in the security environment & suggest the gap closure
• Drive & Support Change Management
• Performs and reviews tasks as identified in a daily task list.
• Report Generation and Trend Analysis. Front-ending the governance meeting with the customer and walkthrough of the security status from SOC’s perspective to the customer/stakeholders.
• Good to have hands-on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
• Willing to work in a 24×7 rotational shift model including the night shift.

KRA:

• Identify the security gaps and drive for closure through Change Mgmt
• To explore different security technologies available in the market
• Install Build, Test, and Configure SIEM related systems
• Maintain security dashboards
• Coordination with internal customers for their security-related problems and providing solutions.
• Documentation of security solutions
• Handle L2 and above-level technical escalations from the Operations team and resolve them within SLA.
• Work closely with L1 team members to provide quick support & and escalation.
• Train other analysts in their roles and responsibilities
• Develop and maintain the SOAR workflows and playbooks

How we’ll help you grow:
You’ll have access to all the technical and management training courses you need to become the expert you want to be.

Required Technical and Professional Expertise

• Hands-on experience required in Qradar SIEM and SOAR.
• Desired experience in Threat hunting, Threat intelligence.
• Worked on tools belongs to Qradar, UEBA, UAX.
• Must have desire to learn or cross skill with new technologies.
• Must be able to work in morning, evening, and night shifts (24*7) – Mandatory.
• Bachelor’s degree in engineering/information security, or a related field.
• Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
• Proven experience to work in a SOC environment.
• Deep technical knowledge of security technologies and advanced threat landscapes.
• Proven experience in managing and responding to complex security incidents.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work in a fast-paced, dynamic environment.

Preferred Technical and Professional Expertise