Security Intelligence Analyst (SIA)

IBM

IT
Heredia Province, Heredia, Costa Rica
Posted on Jan 9, 2025
Introduction

IBM Security Consultant with deep experience in pentesting, ethical hacking, cyber threat hunting, etc.

In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.

Your role and responsibilities

We are seeking a Security Intelligence Analyst (SIA) with advanced expertise in cybersecurity to join our high-performing team in Costa Rica. This senior-level position demands a strategic thinker with deep technical knowledge, proven experience in managing complex security challenges, and the ability to lead advanced threat analysis efforts. The ideal candidate will be instrumental in strengthening our organization's security posture and guiding the next generation of analysts.

Required education
Bachelor's Degree
Preferred education
High School Diploma/GED
Required technical and professional expertise
  • Advanced Threat Analysis & Incident Response:

    • Conduct deep-dive investigations into advanced persistent threats (APTs) and zero-day vulnerabilities.
    • Lead incident response efforts for critical incidents, including containment, eradication, and post-incident analysis.
    • Develop playbooks and response strategies for advanced and sophisticated attack vectors.
  • Threat Hunting & Intelligence Gathering:

    • Perform proactive threat hunting activities using behavioral analytics and forensic techniques.
    • Integrate multiple threat intelligence feeds and platforms to provide actionable insights.
    • Develop and maintain threat intelligence frameworks and tactics, techniques, and procedures (TTPs).
  • Leadership & Collaboration:

    • Serve as a technical escalation point for SOC and junior analysts during high-severity incidents.
    • Mentor and train SOC teams on advanced detection and analysis techniques.
    • Collaborate with global teams, stakeholders, and law enforcement agencies to address emerging threats.
  • Strategic Security Initiatives:

    • Provide expert input on the design, implementation, and optimization of security solutions (e.g., SIEM, EDR, SOAR).
    • Contribute to the development and continuous improvement of enterprise-wide security policies and standards.
    • Lead red team/blue team exercises and security readiness assessments.
  • Regulatory Compliance & Risk Management:

    • Ensure compliance with global cybersecurity frameworks, such as ISO 27001, NIST 800-53, GDPR, and PCI DSS.
    • Conduct risk assessments to identify and mitigate gaps in the security infrastructure.
Preferred technical and professional experience
Required Qualifications
  • Education:

    • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or a related field. Advanced degrees or specialized training in cybersecurity preferred.
  • Experience:

    • At least 8 years of progressive experience in cybersecurity, with significant time spent in advanced roles focusing on incident response, threat hunting, pentesting, ethical hacking and threat intelligence.
    • Proven track record of handling complex security incidents and advanced threat actors in global or enterprise environments.
  • Technical Expertise:

    • Advanced proficiency in security tools: SIEM (e.g., Splunk, QRadar), SOAR, EDR (e.g., CrowdStrike, Carbon Black), and network security tools.
    • Expertise in malware analysis, reverse engineering, memory forensics, and packet-level network analysis.
    • Strong command of scripting and programming languages (e.g., Python, PowerShell, Bash) for automation and analysis.
    • Deep understanding of cloud security, including platforms like AWS, Azure, and Google Cloud.
    • Knowledge of MITRE ATT&CK Framework, threat modeling, and adversary simulation.
  • Certifications (required):

    • CISSP, GIAC (GCIH, GCFA, GDAT), OSCP, or equivalent certifications.
    • Advanced certifications such as GXPN, GREM, or CCSP are a significant advantage.
  • Languages:

    • Fluent in English (written and spoken). Proficiency in Spanish or other languages is advantageous.