Your Role and Responsibilities
• As a Senior Consultant in the IBM Security Services Practice you will be someone who can speak about the entire security landscape with a client s senior management or executive team.
• You should have depth of knowledge and experience in core security domains SOC Enablement/Operations, SIEM, Threat Hunting, Threat Intelligence, Use Cases, IOC s.
• You will provide subject matter expertise in the form of briefings, workshops, and/or consulting engagements within their domain that assess a client s security capabilities as well as recommending solutions to enhance a client s overall security capabilities.
• Such client security capabilities may involve policy, process, technology, governance or organizational areas. Consultants will identify improvements in the current environment and recommend best practices to help them build a sound Security Operation Center.
• The role is Senior SIOC Managing Consultant with strong SIOC (Security Information & operation consultancy) skills like designing, implementing and managing (processes, technology, governance model, people).
• Strong communication and presentation skills
• Strong writing skills
• Comfortable working in a project based / client serving model
• Ability to shape client expectations
• Drive client pursuits and engage in complex deals
• Ability to work with global and diverse teams in a dynamic environment
• Ability to work in a matrix management model
Security Technical Skills
• You understand and how to build use-cases, because you know what you re looking for. For example, you understand how ransomware and other malware or threats technically works, which logs they write to, their IOCs, network flows, and behaviors; thus, you are adapt at building custom use-cases that hunt for early indicators.
• Additionally, you understand how to hunt for threats, the relationship it has with forensic investigations, and creating extracts that divulge targets and areas of interest.
• Also, you are able to design Threat Hunting programs which can be taught to other analysts, or even be automated using artificial intelligence. False positives are your sworn enemies.
• The ideal candidate is not your typical SIEM person. Rather you are a person who can write your own queries and scripts that will allow you to search through logs, network flows, and other areas to correlate security events of interest. You are able to de-construct attacks and threats.
Security Domain Skills
• Experience designing, implementing and managing (processes, technology, governance model, people)
• Depth of knowledge of the core security domain: SOC Enablement & Operations; SIEM
• An understand of contemporary and legacy security technologies used within the particular domain SIEM
• Product knowledge of SIEM : Qradar is a plus , ArcSight, SPLUNK, etc..
• Depth of Knowledge in Use Cases and response runbooks (A Must)
• An understanding of Threat Intelligence and Threat Hunting
• Basic understanding of compliance issues (ISO 27001, PCI , COBIT, GDPR, POPII, etc..)