IBM Global Services Delivery Center employs IT professionals across all sectors. This site is fast becoming a “Centre of Excellence” in key areas of the global technology industry. Few places offer as many opportunities as IBM to gain knowledge in your field, to work in a stimulating environment and to be rewarded for outstanding performance. IBM can provide the perfect setting for your career and freedom to enjoy a rich personal life.
IBM Managed Security Services web page: https://www.ibm.com/security/services/managed-security-services
Managed Security Services is a pioneer and world leader in software and services that protect corporate and personal information from an ever-changing spectrum of online threats and misuse. MSS core operations are performed in Security Operations Centers (SOC) located in 8 locations around the globe. SOC Poland is the 2nd largest center, covering all MSS operations globally.
IBM Security is looking for a Security Intelligence Analyst (SIA). The SIA is responsible for analyzing threats across both the threat landscape in general and threats targeting a specific client or industry’s IT environment; for delivering high-quality written reports based on the cyber security analysis of the client’s environment, the client's industry, the client's geography, and the threat landscape in general; and for making recommendations to help clients reduce their exposure to IT security threats.
The SIA monitors and researches security threats, and assesses client security data such as Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) logs, firewall logs, antivirus logs, Directory Services logs, Security Incident and Event Management (SIEM) events and more, searching out and investigating repeating trends, attacks, malicious Internet Protocol (IP) addresses, and anomaly-type events.
The SIA conducts scan reviews and provides customers with recommendations on policy tuning, blocking, and vulnerability remediation. The SIA provides trend reporting to clients on a weekly, biweekly, monthly basis.
Additionally, the SIA provides regular briefings to the client on threat information highlighted in trend reports.
The candidate must possess demonstrated analytic skills and must be able to communicate effectively with both technical and executive-level staff.
Client engagement is a critical focus for this role, and customer interaction and collaboration are critically important. The SIA will be required to travel to meet the client face to face, to build their knowledge of the client’s business and develop client insight.
Analyze security events and highlight relevant information to present actionable items, such as:
Performing an analysis of intelligence events or reports that are generated by intelligence source(s);
Documenting the analysis results which may include (as appropriate):
trending of intelligence or security events;
Identify known malicious indicators of compromise (IP addresses, file hashes, URLs, domains, etc.), threat actors, attack types, and more;
general security threats as well as those which may apply to customer specific environment
benchmarking of customer by industry and geography
recommendations for security policy modifications
recommendations for new SIEM use cases / rules / reports
deliver high-priority alerts as received and as appropriate to customer
provide technical and executive level formal recommendations and reporting
Perform multiple assigned technical tasks including research, analysis, and root cause analysis of cyber threats and compromises. Have network security product, technology, and Managed Security Services (MSS) specialized skills.
Have IT security industry experience; work regularly with client teams to develop requirements, plan, design, and generate a solution that meets the client's security needs. This often includes using tools and methods to analyze, design and implement client solutions.
Have demonstrated professional, operational, and interpersonal skills to function effectively in collaborative, high-stakes and high-stress situations with clients.
Able to adjust processes and actions in line with a changing environment.
Proficient in sourcing or producing solutions in time-critical situations.
Provide the analytical ability and creativity necessary in developing and implementing solution deliverables for medium-size projects or components of a larger project.
Provide professional and technical guidance to newer or less experienced team personnel. Assist with and, on occasion, assume responsibility for leadership in the analysis, design, development, or implementation of the deliverable materials.
At least 2 years’ experience in:
Threat analysis - IT (IDS/IPS: Intrusion Detection Systems / Intrusion Prevention Systems)
trending of threat analysis reporting
firewall log analysis
IDS/IPS log analysis
At least 1 year of experience in analyzing SIEM logs (QRadar or ArcSight)
Readiness to travel 10-20% annually
English - fluent
Work for the Best Security Company in Europe (SC winner 2016) and winner of the Best Mobile Security Solution with IBM MaaS360 at the 2016 SC Magazine Europe Awards
Trainings and certifications
Private medical package and insurance package
Working on international projects in multicultural teams
Good to be an IBMer discounts
Cinema & trips for IBMers
Summer camps for children
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.