IBM Security Intelligence Consultant & Use-Case Engineer in QUEZON CITY, Philippines

Job Description

Job Summary:

We have an excellent opportunity for a Security Intelligence Analyst & Use-case engineer to support strategic clients across the region to drive strategy around various security consulting initiatives. This is an opportunity to work with IBM security services team that is operating on the cutting-edge of information security.

Why IBM Security Services?

IBM Security has 10,000 clients in 133 countries, 6,000 researchers, developers, and SMEs focused on security, 3,700 security-related patents, and 36 IBM Security locations across the globe.

High-growth areas are security analytics/SIEM (10%); Threat Intelligence (10%+); Mobile Security (18%); and Cloud Security (50%)

IBM Security QRadar is again a leader in Gartner’s 2015 Magic Quadrant for SIEM .

Key Responsibilities:

The Security Intelligence Analyst and Use-case engineer role is part of the SOC. Candidates in this role will analyze information and intelligence relevant to threats facing the systems, infrastructure, and resources critical to the account and use this information to develop use-cases for the SIEM/SoC. Ideal candidates will be experienced in analyzing cyber threats and security intelligence and determining indicators of compromise that are relevant to the environment.

Job Requirements:

  • Provide initial analysis of security intelligence feeds

  • Provide communication and escalation as per Security Incident Management Process / Guidelines for severe intelligence findings.

  • Takes an active part in the gathering, analysis, and communication of threat intelligence through the intelligence process.

  • Review and analyze external threat intelligence feeds (industry feeds and security partners)

  • Hunting based on indicators of compromise or suspicious anomalous activity based on data alerts or data outputs from various toolsets

  • Publish Actionable Intelligence alerts to L2 and L3 analysts for defined use cases (e.g. compromised credentials, Indicators of Compromise associated with active malicious campaigns)

  • Publish Situational Awareness alerts to L2, L3 and SIEM Admin/Integration Engineer for use cases (e.g. New security threats under consideration that could impact the business)

  • Submit change control to apply customized rules to prevent attacks and SOC rules to count the number of attacks prevented

Required Technical and Professional Expertise

Job Requirements:

  • Provide initial analysis of security intelligence feeds

  • Provide communication and escalation as per Security Incident Management Process / Guidelines for severe intelligence findings.

  • Review and analyze external threat intelligence feeds (industry feeds and security partners)

  • Hunting based on indicators of compromise or suspicious anomalous activity based on data alerts or data outputs from various toolsets

  • Publish Actionable Intelligence alerts to L2 and L3 analysts for defined use cases (e.g. compromised credentials, Indicators of Compromise associated with active malicious campaigns)

  • Publish Situational Awareness alerts to L2, L3 and SIEM Admin/Integration Engineer for use cases (e.g. New security threats under consideration that could impact the business)

  • Submit change control to apply customized rules to prevent attacks and SOC rules to count the number of attacks prevented

Preferred Tech and Prof Experience

Recommended:

  • Reverse Engineering Malware Analysis (optional GREM certification)

  • Hacker Techniques, Exploits & Incident Handling – SEC504 (optional GCIH certification)

Preferred:

  • Intrusion Detection In Depth – SEC503 (GCIA certification) or equivalent

  • Cyber Threat Intelligence (FOR 578) or equivalent

EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.