Role and Responsibilities
As a SOC XDR/SIEM engineer you will work with IBM clients to support the operation of the SIEM/XDR technology and improve their security posture.
* Configure and tune the SIEM/XDR tools.
* Create new log source integrations, reports, dashboards, correlation rules, policies, users, roles, etc.
* Troubleshoot any related platform issues.
* Escalate to SIEM/XDR vendors when needed.
* Meet with clients on a recurring basis to present operational reports, backlog, metrics, etc.
* Provide recommendations to optimize the security posture, threat detection capabilities and the performance of the SIEM/XDR/EDR platform.
* Integrate threat intelligence and threat detection capabilities.
* 3 years of experience in cyber security.
* 2 years of experience with XDR/SIEM technologies.
* Expertise working with SIEM/XDR/EDR tools like Palo Alto XSIAM, IBM QRadar SIEM, MSFT Sentinel, Cortex XDR, MSFT Defender, etc.
* Understanding of Security technologies and best practices.
* Experience with Unix CLI (RHEL, Ubuntu, etc.).
* Experience with MITRE ATT&CK.
* Outstanding communication skills.
* English level: Intermediate English.
* Bachelor's degree in cyber security.
* CompTIA Security+ or similar certification.
* English level: Upper Intermediate English.