Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

IBM Security Consultant 
Philippines, Maypajo 
323803493

24.06.2024

Your Role and Responsibilities
The Security Consultant role is key part of the SOC.
  • Responsible for conducting incident response operations according to documented procedures and industry best practices.
  • Able to interact with executive levels throughout the company.
  • Must have extensive experience in multiple security areas such as SIEM, EDR, XDR, ASM, IDS, APT, and WAF.
  • Will be required to participate in multiple intelligence communities and be able to disseminate pertinent informationthroughout the SOC.
  • Ideal candidates should have extensive experience in Linux and Windows operating systems, deep knowledge of networking and attack methods such as SQLi and pivoting.
  • Enthusiasm and interest in Information Security must be displayed.

Required Technical and Professional Expertise

  • Knowledge of network security zones, Firewall configurations, IDS policies
  • Knowledge of systems communications from Layer 1 to 7
  • Experience with Systems Administration, Middleware, and Application Administration
  • Experience with Network and Network Security tools administration
  • Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes.
  • In-depth experience with log search tools such as HP Arcsight, Splunk, usage of regular expressions and natural language queries
  • In-depth knowledge of packet capture and analysis
  • Experience with Security Assessment tools (NMAP, Nessus)
  • Ability to make create a containment strategy and execute.


Preferred Technical and Professional Expertise

  • Intrusion Detection in Depth – SEC503 (GCIA certification) or equivalent
  • Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification) or
  • equivalent.
  • GIAC Continuous Monitoring (optional GMON certification) or equivalent
  • Advanced digital forensics and Incident Response – FOR 508 (Optional GCFA certification) or equivalent

Recommended

  • Computer Forensic Investigation such as Windows Forensic Analysis FOR408 – (Optional
  • GCFE certification)
  • Perimeter Protection in Depth – SEC502 (optional GCFW certification)
  • Advanced Security Essentials – SEC501 (optional GCED certification