"Alerted.org

Introduction

IBM is seeking a Mid or Senior Level Cyber Security Analyst to work on the CISO Security Operations Center team - supporting the rapid threat detection and response mission. This position requires a motivated fast learner, who can work within a security operations function to identify, analyze, and remediate potential threats to the environment. The candidate will require security industry knowledge that evolves with current and emerging threats, as well as an ongoing understanding of key business and technological processes.

Your role and responsibilities

This role will perform security monitoring, investigations, and response to thwart internal and external threats to the IBM environment. Additionally, you will collaborate on an ongoing basis with the Cyber Security Rapid Response Incident Response Team and other security teams to support detection, triage, incident analysis, containment, remediation and reporting of events/incidents while coordinating, balancing business priorities, emerging and actual threats and best practices to ensure the confidentiality, integrity and availability of information assets. This role may include daytime, evening or overnight and weekend shifts to meet business requirements and fulfill the 24x7 mission.

Required technical and professional expertise

* 2+ years of information security related experience

* Experience with security operations, security engineering, risk management, vulnerability management, threat analysis, security auditing, incident response and other information security practices preferred

* Strong knowledge of cloud computing and network protocols

* Knowledge of industry information security standards/frameworks (NIST, MITRE, FEDRAMP)

* Experience working with SIEM tools and log analysis

* Knowledge of EDR tools and endpoint analysis

* Excellent written and oral communication skills with the ability to effectively communicate with information technology professionals as well as senior management and auditors

* High level of personal integrity, and the ability to professionally handle confidential investigations and exude the appropriate level of judgment

* High degree of initiative, accountability, and ability to work as part of a team

Preferred technical and professional experience

* 4+ years of information security experience in a security operations or engineering role

* Strong understanding of networking protocols and firewall management

* Enterprise experience in incident response or security operations environment

* Experience with programming or scripting languages

* Experience tuning rules within SIEM tools like Qradar

* Strong experience with EDR platforms, such as Crowdstrike, Microsoft Defender 365, Uptycs or Carbon Black, conducting analysis as part of investigations

* Experience with cloud computing platforms, e.g. IBM Cloud, Amazon Web Services, Azure

* Experience with host virtualization platforms, e.g. VMware, Hyper-V

* Experience with application container technologies, e.g. Kubernetes

* Purple team experience conducting attacker simulation and adversary emulation

* System administration skills for Windows and Linux

* Windows, Linux and/or Mac forensics

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.