SOAR Engineer

Introduction

A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.

Youll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and

valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by

our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.

Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, youll be

encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in

ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth

and development opportunities in an environment that embraces your unique skills and experience.

Your Role And Responsibilities

• Work experience - 5+ Years
• Proactively lead and support incident response team during an incident.
• Experience in advance investigation, triaging, analysis and escalation of security incidents with recommendations
• Hands-on basic experience with configurations and management of SIEM tools(Qradar) including log source integrations, custom parser built, fine tuning and optimizing the correlation rules and use cases recommendations Is MUST.
• Proven Experience on any of the Security information and event management (SIEM) tools using Qradar
• Data-driven threat hunting using SIEM, EDR and XDR tools
• Basic Experience is SOAR tools such as Qradar Resilient, PaloAlto XSOAR
• Identify quick defence techniques till permanent resolution.
• Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
• Review incidents escalated by Level 1 analysts.
• Launch and track investigations to resolution. Recognize attacks based on their signatures, differentiates false positives from true intrusion attempts.
• Actively investigates the latest in security vulnerabilities, advisories, incidents, and penetration techniques and notifies end users when appropriate.
• Identify the gaps in security environment & suggest the gap closure
• Drive & Support Change Management
• Performs and reviews tasks as identified in a daily task list.
• Report Generation and Trend Analysis. Participate in the Weekly and Monthly governance calls to support the SOC metrics reporting
• Good to have hands on experience with managing SIEM solutions on public/private clouds like Amazon AWS, Microsoft Azure, etc.
• Willing to work in 24x7 rotational shift model including night shift.
  
  

• Hands-on experience required in Qradar SIEM and SOAR.
• Desired experience in Threat hunting, Threat intelligence.
• Worked on tools belongs to Qradar, UEBA, UAX.
• Must have desire to learn or cross skill with new technologies.
• Must be able to work in morning, evening, and night shifts (24*7) - Mandatory.
• Bachelor’s degree in engineering/information security, or a related field.
• Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
• Proven experience to work in a SOC environment.
• Deep technical knowledge of security technologies and advanced threat landscapes.
• Proven experience in managing and responding to complex security incidents.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work in a fast-paced, dynamic environment.
  
  

• Hands-on experience required in Qradar SIEM and SOAR.
• Desired experience in Threat hunting, Threat intelligence.
• Worked on tools belongs to Qradar, UEBA, UAX.
• Must have desire to learn or cross skill with new technologies.
• Must be able to work in morning, evening, and night shifts (24*7) - Mandatory.
• Bachelor’s degree in engineering/information security, or a related field.
• Relevant certifications such as CEH, CISSP, CISM, CompTIA CASP+, or equivalent.
• Proven experience to work in a SOC environment.
• Deep technical knowledge of security technologies and advanced threat landscapes.
• Proven experience in managing and responding to complex security incidents.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration abilities.
• Ability to work in a fast-paced, dynamic environment.