IBM Global Financing
Website:
ibm.com
Job details:
Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
As SOC Analyst Level 2 & Threat Hunter, you play a vital role in safeguarding an organization's digital infrastructure by identifying, analyzing, and mitigating cyber threats. This position involves using a variety of cybersecurity tools to monitor, prioritize, investigate, and respond to security incidents. Your primary responsibilities will include:
- Perform advanced analysis of security events and logs across multiple data sources.
- Correlate events, conduct deep log reviews, analyze alerts, and validate true positives vs. false positives.
- Execute incident triage, classification, and prioritization based on risk and impact.
- Conduct advanced root cause analysis (RCA) to identify how incidents originated and evolved.
- Analyze IOCs and threat vectors, supporting detection and investigation activities.
- Analyze Network and Endpoint Events: Interpret security tools and logs from Windows, Mac, and Linux systems to identify potential threats.
- Apply threat intelligence feeds to enhance analysis for specific clients and industries.
- Identify and interpret signals of exploitation, vulnerabilities, and security gaps.
- Collaborate with team members to tune and optimize SIEM/XDR platforms.
- Provide Actionable Recommendations: Deliver recommendations and responses to clients to enhance their security posture.
- Manage technical communication and incident escalation in accordance with defined procedures.
- Perform intel-based threat hunting using multiple log sources.
- Support a 24x7 Security Operations Centre (SOC) environment.
- Develop, implement, and maintain SOAR playbooks to automate incident response and reduce mean time to respond (MTTR).
- Integrate multiple security tools (SIEM, EDR, threat intelligence platforms, ticketing systems) within SOAR for streamlined workflows.
- Automate repetitive SOC tasks such as alert triage, enrichment, containment actions, and reporting.
- Design and optimize incident response workflows for consistency, scalability, and efficiency.
Preferred Education
Bachelor's Degree
Required Technical And Professional Expertise
- BE/B.Tech/MCA/BCA with a minimum of 5-8 years of experience in cloud security or cloud infrastructure roles.
- Strong experience in advanced log and event analysis.
- Proven ability to perform alert correlation, deep investigation, and incident validation.
- Hands-on experience with incident triage, classification, and prioritization.
- Strong analytical skills to perform root cause analysis.
- Experience analyzing malicious behaviors, IOCs, and attack vectors.
- Practical knowledge of threat intelligence consumption and application to detection.
- Solid understanding of MITRE ATT&CK framework.
- Ability to recognize exploitation techniques, vulnerabilities, and security control gaps.
- Strong technical communication skills and experience handling incident escalation.
- Experience managing SOAR-related tasks.
- Team-oriented mindset with experience collaborating on SIEM/XDR tuning and optimization.
Preferred Technical And Professional Experience
- Must have hands-on experience with QRadar SIEM and SOAR.
- Strong understanding of cloud security frameworks and best practices (e.g., CIS Benchmarks, NIST, ISO 27001).
- Experience with security incident response and remediation.
- More than 5 years of experience managing SOC operations, including technical expertise in SIEM and SOAR.