Sr Security Operations Center Analyst III

Introduction A career in IBM Consulting is rooted in long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for some of the most innovative and valuable companies in the world. Your ability to accelerate impact and create meaningful change for your clients is supported by our strategic partner ecosystem and robust technology platforms, including Software and Red Hat. Curiosity and a constant quest for knowledge are the foundations of success in IBM Consulting. In your role, you'll be encouraged to challenge norms, explore ideas beyond your immediate responsibilities, and develop creative solutions that lead to groundbreaking impacts for a wide network of clients. Our culture emphasizes evolution and empathy, focusing on long-term career growth and development opportunities in an environment that values your unique skills and experiences. Your role and responsibilities The Security Operations Center Analyst III position is part of a dedicated security team within IBM Consulting Federal. This role supports a 24x7x365 operation for a Federal program. The SOC analyst will analyze potential security events and anomalies based on alerts, events, and tips initially triaged by tier 1 analysts. The analyst will utilize all available security tools, knowledge sources, and data artifacts to determine the details of potential security events. When necessary, they will coordinate actions for containment, eradication, and recovery from cybersecurity incidents. Additionally, the analyst will review and update security documentation and conduct proactive threat hunting to identify and mitigate potential risks. Specific duties include: Perform alternating shift work supporting 24x7 security monitoring, analysis, and response Support incident investigations, responses, and reporting Generate security reports Conduct vulnerability analysis Manage SOC ticket queues Document actions taken and analysis in ticketing systems for systematic reconstruction Review and update security documentation Conduct proactive threat hunting Required technical and professional expertise Security+, CEH, CFR, CCNA Cyber Ops, CCNA Security, CySA+, GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest certifications 5+ years of experience in a 24x7x365 SOC environment Experience analyzing system and network logs for security events and anomalies Experience working with SIEM technology for security monitoring Background in incident response, system/network operations, and threat intelligence Experience with enterprise security technologies such as SIEM/SOAR, NGAV/EDR, vulnerability scanners, and threat intelligence platforms Preferred technical and professional experience Experience in at least two of the following areas: Insider Threat, Digital Media Forensics, Monitoring and Detection, Incident Response IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration regardless of race, color, religion, sex, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM also complies with all fair employment practices regarding citizenship and immigration status.

#J-18808-Ljbffr