About IBM:
IBM has been present in India since 1992. IBM India's solutions and services span all major industries including financial services, healthcare, government, automotive, telecommunications and education, among others. As a trusted partner with wide-ranging service capabilities, IBM helps clients transform and succeed in challenging circumstances. The diversity and breadth of the entire IBM portfolio of research, consulting, solutions, services, systems and software, uniquely distinguishes IBM India from other companies in the industry.
Business Unit Introduction:
IBM Global Technology Services (GTS) helps clients plan, implement and manage an efficient, resilient, flexible IT infrastructure. IBM GTS is the partner of choice for infrastructure services – be it transformational outsourcing tied to business outcomes or integrated managed services or discrete services.
Who you are:
Should include conducting incident analysis, forensics and root cause analysis
Understands SIEM tool functionality and the logic behind creating rules and filters, and integrating with different solutions, e.g. IDS, IPS, etc.
What you’ll do:
Should be able to provide first responder forensics analysis and investigation
Drives containment strategy during data loss or breach events
Triage and resolve advanced vector attacks such as botnets and advanced persistent threats (APTs)
Works directly with data asset owners and business response plan owners during high severity incidents.
Tuning of IDS, proxy policy, in-line malware tools based on threat feeds, trust and reputation data, incidents, or vulnerabilities and exploits of downstream systems
Provides tuning recommendations to administrators based on findings during investigations or threat information reviews
How we’ll help you grow:
You’ll have access to all the technical and management training courses you need to become the expert you want to be
You’ll learn directly from expert developers in the field; our team leads love to mentor
You have the opportunity to work in many different areas to figure out what really excites you
Minimum 5 years of experience in full lifecycle of incident management and root cause analysis in SOC and information security operations
Knowledge of networking systems and perimeter security devices. Knowledge of network security zones, firewall configurations, IDS policies. Experience with Systems Administration, Middleware, and Application Administration. Experience with Network and Network Security tools administration.
Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logs for investigation purposes. In-depth experience with log search tools, usage of regular expressions and natural language queries
In-depth knowledge of packet capture and analysis. Should be able to help in the development, architecture and design of client's Security Intelligence Operations Center and Security Incident & Event Management Solutions and be able to articulate SIOC and SIEM points of view.
Client Innovation Center (CIC)
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.