IBM Security Consultant SOC 

India, Maharashtra, Mumbai 

235186571

• Lead Incident Response (IR):
• Act as the Subject matter expert for security incidents.
• Analyze and respond to security breaches, perform root cause analysis, and coordinate remediation efforts.
• Provide leadership during incident investigations, ensuring rapid and thorough handling.
• SOC Automation & Integration:
• Leverage Python scripting and Palo Alto XSOAR to automate security processes, streamline incident response, and enhance detection capabilities.
• Design, implement, and maintain playbooks within XSOAR to address emerging security threats.
• Threat Hunting & Monitoring:
• Proactively perform threat hunting activities to detect advanced threats that may bypass existing security solutions.
• Leverage both internal and external threat intelligence to identify and mitigate potential security risks.
• OSINT Utilization:
• Utilize Open-Source Intelligence (OSINT) techniques to gather and analyze publicly available information for early identification of threats.
• Collaboration & Communication:
• Collaborate with other teams (IT, legal, risk) to align incident response strategies.
• Clearly communicate complex security issues to both technical and non-technical stakeholders through reports and presentations.
• Provide security awareness training and mentoring to SOC analysts and other team members.

Required Technical and Professional Expertise

• 6+ years of experience in IT security with SOC Operations
• Expertise in Security Device Management SIEM, Arcsight, Qradar, incident response, threat hunting, Use case engineering, SOC analyst, device integration with SIEM
• Working knowledge of industry standard risk, governance and security standard methodologies
• Proficient in incident response processes – detection, triage, incident analysis, remediation and reporting
• Competence with Microsoft Office, e.g. Word, PowerPoint, Excel, Visio, etc
• Expertise in Python scripting and Palo-alto XSOAR

Preferred Technical and Professional Expertise

• One or more security certifications: CEH, Security+, GSEC, GCIH, etc.,