Jobs for Veterans, Veteran Job Board | GiJobs.com


Job Information

IBM Global Security - Security Operations Center (SOC) Level 3 Analyst in Charlotte, North Carolina

Job Description

Global Security - Security Operations Center (SOC) Level 3 Analyst

Are you a security guru who loves a challenge? We are looking for an experienced and dedicated Global Security - Security Operations Center (SOC) Level 3 Analyst to join our Global Practice. Cybersecurity is one of the most critical issues of our generation. No other company has the powerful combination of talent, industry-leading security technology, global reach and cognitive capabilities—powered by Watson—to combat cybersecurity threats. This is more than just a job. If you want to help protect the world's cyber infrastructure and transform the security industry, we want to hear from you.

Your Role

The Global Security - SOC Analyst will be responsible for monitoring and analyzing possible security threats as a member of the client's SOC. At the most basic level, this means monitoring and analyzing the events and threats reported by our SIEM, following the documented procedures and systems. At a deeper level, it requires in-depth investigation of the events and alerts escalated by Level 2 analysts that could be real security incidents. The report or output of your investigation should be based only on a full understanding of the actual event triggered by a security solution, and should include analysis of the client's internal network, PCs and server log files. In addition, an RCA (Root Cause Analysis) and a resolution summary, along with your view on how to prevent recurrence, are expected. Lastly, direct analysis using forensic tools, or escalation to the team that performs that role, may be required when necessary.

Responsibilities:

  • Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises.

  • Analyze various malware samples, understand remediation efforts, track espionage actors and their infrastructure, and report on those findings to our customers

  • Handle incident escalations as necessary from other analysts. Project manage incident responses and coordinate remediation with customers

  • Provide mentoring to other analysts

  • Perform forensic analysis of network activity, disks, and memory

  • Proactively research and monitor security-related information sources to aid in the identification of threats

  • Assist in the development of effective use cases and playbooks

Prefer candidates located on the West Coast of the US.

Your Skills and Abilities

  • Experience working in a SOC environment

  • Solid systems security exposure and proficiency (Windows, Linux, etc)

  • In-depth knowledge of security solutions (AV, FW, WAF, IDPS, NAC, DLP, IAM, EDR, etc.)

  • Proficient knowledge of networking protocols: TCP/IP, HTTP/HTTPS, FTP, IRC, RPC, DNS, etc.

  • Expert troubleshooting skills of complex network and security problems

  • Expert analytical skills in threat, vulnerability, and intrusion detection analysis

  • Excellent verbal and written communication skills

  • Highly disciplined and motivated, able to work independently, under direction, or as a member of a team

  • Must be willing to periodically work non-standard hours and be on call, and travel as determined by client requirements

About Security Services

IBM Security Services helps companies to build a solid strategy and transform their security program. From strategic advisory consulting, incident response, design and deploy services to cloud and managed security services, IBM® has the expertise to help companies stay ahead of cyber criminals. IBM Security Services enables companies to activate global intelligence, innovate without introducing risk, and mature their security program over time.

Learn more at:

https://www.ibm.com/security/services

Your Life at IBM

We come to work thrilled knowing it will never be the same day twice. At IBM, you have access to a rare combination of experiences that together build a powerful, rewarding career for you. These experiences consist of:

  • Opportunity to do work that impacts not just your team but often the very lives of millions of people. You’re not just joining a big company, at IBM you’re joining a bigger cause.

  • Ability to discover the exact career you were meant to have by trying different roles, industries, technologies, even locations, right within IBM. No other company gives you career opportunities like IBM, a company with a progressive and inclusive heritage based on leadership and a history of taking stands on things that matter.

EO Statement

IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Required Technical and Professional Expertise

  • Minimum 8 years' experience in the security field (preferably in a SOC environment) with 1-2 years' experience as an L3 analyst

  • Experience in conducting incident response/investigations using multiple logs and data sources

  • Experience investigating computer network intrusions in an enterprise environment

  • Experience in using relevant investigative tools including forensic tools (EnCase, Volatility, etc)

  • Experience with SIEM and/or log aggregation technologies such as QRadar and Splunk

  • Security tool integration and process automation via scripting and/or automation engines

  • Must have a keen understanding of threat vectors as well as exfiltration techniques

Preferred Tech and Prof Experience

  • CISSP or SANS or other security certifications

  • Experience investigating intrusions in cloud/hybrid environments

  • Experience in performing malware reverse engineering

  • Strong programming skills for scripting and automation

  • Knowledge of AWS infrastructures

  • Experience in encryption / obfuscation

  • Degree in Computer Science/Engineering
