IBM Cybersecurity Operations Lead 

Philippines, Maypajo 

210352828

In this role, you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world.​ Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Your Role and Responsibilities
As a Cybersecurity Operations Lead at IBM Consulting, your responsibilities will include overseeing Security Operations and implementing resilient Enterprise-wide Security processes and procedures.

• Perform monitoring and analysis of event activities, identify data exfiltration violations, build & document standard procedures and policies, investigate issues & document findings and assist with the implementation of security controls and risk security awareness efforts
• Takes an active part in the gathering of threat intel, provide analysis of internal & external security intelligence feeds, triage analysis and response to security threats and escalate as needed to the next level as per Security Incident Management Process for severe intelligence findings
• Teamwork, adaptability, listening, high integrity & work ethic, communication, positive demeanor and high level of ownership and accountability
• Actively establish & strengthen relationships with external and internal stakeholders
• Assist in developing knowledge assets such as methodologies, processes, procedures, templates, frameworks, white papers etc.
• Work in a team and mentor other members in the team to identify potential business opportunities on existing consulting engagements
• Suggest ideas on improving engagement productivity and identify opportunities for improving client service

Required Technical and Professional Expertise

• Leadership experience: minimum of 7 to 8 years of experience in a senior or supervisory role in the cybersecurity domain
• Analytical & Problem Solving skills: ability to create a containment strategy and execution, experience in cyber security operations, engineering and project management is a big plus
• Cybersecurity Technical Skills : Have hands-on experience on network security zone administration, configurations, IDS policies Knowledge of systems communications from Layer 1 to 7, packet capture and analysis
• Other Technical Skills : Have hands-on experience on Windows & Linux Server Administration, Systems Administration, Middleware, and Application Administration, log formats & analysis, ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes

Preferred Technical and Professional Expertise

• Security Operations Center (SOC) exposure : experience in 24×7 CyberSecurity Ops or SOC within a large scale and complex environment is highly desired
• Security Technologies knowledge: in−depth experience with log search tools and SIEM tools such as Splunk, Arcsight, Mcafee usage of regular expressions and natural language queries and/or experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat )
• SOC Processes knowledge : background on vulnerability analysis, management, remediation and compliance
• Stakeholder Management: experience in client management with C or V-suite is a big plus