IBM Security Consultant-Endpoint 

India, Maharashtra, Pune 

499716220

• You’ll have access to all the technical and management training courses you need to become the expert you want to be
• You’ll learn directly from expert developers in the field; our team leads love to mentor
• You have the opportunity to work in many different areas to figure out what really excites you

Required Technical and Professional Expertise

• Proficient with Azure Sentinel focusing primarily on SIEM (security information and event manager) for monitoring, XDR (Extended Detection and Response) for incident response actions
• Possess knowledge of a Security Operations Center (SOC) operations
• Must have technology experiences: Azure Sentinel, Azure Sentinel SOAR, Azure Playbooks, KQL Queries
• Sound Knowledge on JavaScript, C#, KQL or SQL development background
• Possess knowledge on log management, logs generated by various applications or appliances of IT infrastructure for SIEM event correlation
• Ability to define various SIEM use cases based on IT environment for better detection of anomalies
• Tools : Azure Sentinel, Log Analysis, KQL, Automation, SOAR
• Strong understanding of the SOC KPIs, establish SOC performance goals and priorities
• Manages security teams, monitors threat, implements security policies, and collaborates with other departments to ensure a comprehensive security posture.
• Understanding of the cybersecurity framework such as NIST, MITRE ATT&CK(attack lifecycle management)
• Manage communications, escalations, including taking corrective action for remediation.
• Excellent written and Verbal communication skill
• Knowledge on SOC automation related skills
• Knowledge of handling and using threat intelligence feeds for threat detection purposes. • Critical Incident lifecycle Management and Reporting Operations Management, Stakeholder Management and Vendor Management
• IT Security Certifications like CISSP, CISM, etc.

Preferred Technical and Professional Expertise

• Design, build, test, deploy Sentinel SIEM and Security Architectures
• Experience with Security Information and Event Management (SIEM) tools – mainly Sentinel and QRadar
• Preferred Certifications like Certification : AZ-900 ,SC-200 / AZ-500 and any other relevant SIEM certifications(OEM specific) etc.
• At least 3 years of professional experience with IT Security products and services, ideally related to Sentinel SIEM
• Understanding the technical aspects of the Information Security.
• Participate on interconnecting the Sentinel SIEM tool with sources of security incidents – e.g. logs from servers, network and security devices, Vulnerability Management system, Antivirus system, etc.
• Serve as deeply skilled and knowledgeable resource within the SIEM and SOAR technology area
• Participate on automation of the incidents prioritization and false positives identification
• Perform security incident analysis and recommend remediation steps