IBM Consulting Federal Security Operations Center Analyst III
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience.
Your Role And Responsibilities
The Security Operations Center Analyst III position will be a member of a dedicated security team within IBM Consulting Federal. In this role, the SOC analyst will support a dedicated 24x7x365 operation for a Federal program. The SOC Analyst will provide in-depth analysis of potential security events/anomalies based on alerts, events, and tips that have been initially triaged by tier 1 analyst. The SOC Analyst will leverage all available enterprise security tools, knowledge sources, and data artifacts to determine the who, what, when, where, and why of a potential security event. When required, the SOC Analyst will assist in the coordination of the execution and implementation of all actions required for the containment, eradication, and recovery from cybersecurity events and incidents. The SOC Analyst will support regular reviews and updates of security documentation. The SOC Analyst will conduct proactive threat hunting to identify and mitigate potential risks. Specific job duties include:
- Perform alternating shift work on a 24x7x365 Security Monitoring, Analysis, and Response
- Support incident investigations, response, and reporting
- Security Reporting
- Vulnerability Analysis
- SOC ticket queue management
- Document actions taken and analysis in the authorized ticketing system to a level of detail where the actions taken and analysis are capable of being systematically reconstructed.
- Security documentation review and updates
- Proactive threat hunting
Required Technical And Professional Expertise
* Security +, CEH, CFR, CCNA Cyber Ops, CCNA-Security, CySA+ GCIA, GCIH, GICSP, Cloud+, SCYBER, PenTest 5+ years of experience working in a 24x7x365 SOC environment Analyzing system and network logs for security events, anomalies, and configuration issues. Experience working with SIEM technology to monitor and manage security events. Background in incident response, system/network operations, and threat intelligence. Experience utilizing enterprise security technologies such as SIEM/SOAR, NGAV/EDR, Vulnerability scanners, and Threat Intelligence Platforms.
Preferred Technical And Professional Experience
Experience in two or more of these specialized areas: Insider Threat, Digital media forensic, Monitoring and detection, Incident Response
IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.