Mid Security Operations Center Analyst II
IBM
IT, Operations
Multiple locations
Posted on Oct 9, 2024
Introduction
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Your Role and Responsibilities
Operations Center Analyst II position will be a member of a dedicated
security team within IBM Consulting Federal.
In this role, the SOC analyst will support a dedicated 24x7x365 operation
for a Federal program. The SOC Analyst will provide in-depth analysis of potential security events / anomalies based on alerts, events, and tips that have been initially triaged by tier 1 analyst. The SOC Analyst will leverage all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when, where and why of a potential security event. When required, the SOC Analyst will assist to coordinate the execution and implementation of all actions required for the containment, eradication, and recovery from cybersecurity events and incidents.
Perform 24x7x365 Security Monitoring, Analysis and Response
Support incident investigations, response, and reporting
Security Reporting
SOC ticket queue management
Document actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed.
Required Technical and Professional Expertise
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You’ll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you’ll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Your Role and Responsibilities
Operations Center Analyst II position will be a member of a dedicated
security team within IBM Consulting Federal.
In this role, the SOC analyst will support a dedicated 24x7x365 operation
for a Federal program. The SOC Analyst will provide in-depth analysis of potential security events / anomalies based on alerts, events, and tips that have been initially triaged by tier 1 analyst. The SOC Analyst will leverage all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when, where and why of a potential security event. When required, the SOC Analyst will assist to coordinate the execution and implementation of all actions required for the containment, eradication, and recovery from cybersecurity events and incidents.
Perform 24x7x365 Security Monitoring, Analysis and Response
Support incident investigations, response, and reporting
Security Reporting
SOC ticket queue management
Document actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed.
Required Technical and Professional Expertise
- 5+ years of experience working in a 24x7x365 SOC environment
- Analyzing system and network logs for security events, anomalies, and configuration issues.
- Experience working with SIEM technology to monitor and manage security events.
- Background in incident response, system/network operations and threat intelligence.
- Understanding of enterprise environments, specifically cloud-based and hybrid cloudenvironments.
- Understanding of common cyber intrusion frameworks such as Cyber Kill Chain, Diamond Model
- Hands-on troubleshooting, analysis, and technical expertise to resolve incidents
- Understanding of possible attack activities such as network reconnaissance probing/ scanning,
- 5+ years of experience be in the areas of incident detection and response, remediation malware
- Ability to script in one more of the following computer languages Python, Bash, Visual Basic or
- Experience in two or more of these specialized areas: Insider Threat, Digital media forensic,
- On of the listed – Security + CE, CEH, CFR, CCNA Cyber Ops , CCNA-Security, CySA+ **, GCIA, GCIH, GICSP
Preferred Technical and Professional Expertise
- Understanding and experience with Federal Security Standards such as NIST and DoD
- Understanding and experience with FedRAMP Cloud Security Requirements
