Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

IBM Content Engineer 
Hungary, Budapest 
730491879

31.07.2024

Your Role and Responsibilities
Why you’ll love your job:
You will join IBM Security Services which is a division of , responsible for delivering security services to its large global customers, alongside major digital transformation projects in the application and cloud domains. You will join a team of 20 + Security Analysts who are looking after to monitor, detect and respond to cyber threats. This is an excellent opportunity to learn and apply cybersecurity fundamentals using leading edge tools. Learn more about the SOC, Security Operations Centre . We look for motivated junior professionals who are keen to learn and grow.
Your Role and Responsibilities :
• Leading complex automation and tuning activities
• Preparing and implementing automation and tuning solutions.
• Collaborating daily with cross-functional teams internally and with clients. Mainly incident response analysts, threat hunters, architects, and security consultants.
• Creating weekly (operational) and monthly (executive) engineering reports about fine-tuning and automation of detection rules and efficiency of SOC measured against agreed meters.
• Responsible for understanding contractual baselines and pushing forward to achieve them via driving necessary meetings and development tasks.
• Act as the primary point of contact when it comes to troubleshooting, designing, and deploying security workbooks, playbooks, data connectors and analytical rules.

• Understanding of VPN, IDP/IPS, WAF, and Firewall systems
• Understanding of Cyber Kill Chain and MITRE ATT&CK frameworks
• Hands-on experience with managing Microsoft Cloud Security Suite such as Azure AD, Sentinel (SIEM), Defender (XDR) and MDE
• Good knowledge of enterprise SOC structure, SOC-as-a-service
• Good knowledge of use case and workflow management
• Capability of composing and understanding advanced KQL
• Microsoft Certified SC-900 and AZ-900
• Familiar with ticketing systems such as ServiceNow
• Familiar with Kanban boards such as Trello or in M365 Teams
• Familiar with Zscaler, Checkpoint, Fortinet, Cisco, Crowstrike, Proofpoint, CyberArk systems and their logs
• Familiar with MaGMa framework, IoT Security, SIGMA rules or GitHub
• Experience in malware analysis or reverse engineering
• Microsoft Certified SC-100, SC-200, SC-300, SC-400, AZ-500