
IBM Security Consultant Intelligence & Operations 
India, Karnataka, Mysuru 
975399006

08.05.2024

In this role, you’ll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.


Your Role and Responsibilities

  • Work closely with the Security Operations Center (SOC) and Security Engineering teams to improve existing automation and deliver resilient security solutions.
  • Assess, design, and improve SOC processes and workflows with a focus on integrating automation through Security Orchestration, Automation and Response (SOAR) tools and technologies.
  • Implement new SOC automation and ensure continued compatibility with existing detection and response tools.
  • Build new playbooks to properly triage and respond to security incidents while reducing the time needed to analyze each event.


Required Technical and Professional Expertise

  • Develop custom scripts to automate response workflows.
  • Operate and help mature a SOC playbook, workflow automations and use cases to protect people, missions and assets.
  • Experience with Security Orchestration, Automation and Response (SOAR) tools and technologies (e.g. Sentinel, XSOAR/Demisto, Phantom).
  • Experience with the Python scripting language for automation.
  • Experience with operating system internals for both Linux and Windows platforms.


Preferred Technical and Professional Expertise

  • Understanding of classic and emerging threat actor tactics, techniques and procedures in both the pre- and post-exploitation phases of the attack lifecycle.
  • Strong understanding of security architecture, tool integration, API development and automation.
  • Deep understanding of incident response processes, and of common SOC and SOAR processes and workflows.