Introduction
A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You'll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you'll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You'll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.
Your Role And Responsibilities
As a Technical Consultant: Threat Detection Response & Intelligence, you play a vital role in safeguarding an organization's digital infrastructure by identifying, analyzing, and mitigating cyber threats. This position involves using a variety of cybersecurity tools to monitor, prioritize, investigate, and respond to security incidents. Your primary responsibilities will include:
- Conduct Event Investigations: Investigate security incidents using SIEM, SOAR, EDR, and XDR platforms, and apply industry frameworks like MITRE ATT&CK and the Cyber Kill Chain to understand and counter adversary tactics effectively.
- Manage Incident Reports: Prioritize and manage incident reports, providing actionable recommendations and responses to strengthen the client's security posture.
- Analyze Network and Endpoint Events: Interpret security tools and logs from Windows, MAC, and Linux systems to identify potential threats.
- Engage in Vulnerability Management: Participate in vulnerability management and cyber threat intelligence activities to identify and anticipate potential threats.
- Provide Actionable Recommendations: Deliver recommendations and responses to clients to enhance their security posture.
Preferred Education
Master's Degree
Required Technical And Professional Expertise
- Exposure to Cybersecurity Tools: Familiarity with a variety of cybersecurity tools, including SIEM, SOAR, EDR, and XDR platforms, to monitor, prioritize, investigate, and respond to security incidents.
- Understanding of Industry Frameworks: Knowledge of industry frameworks like MITRE ATT&CK and the Cyber Kill Chain to understand and counter adversary tactics effectively.
- Experience with Network and Endpoint Analysis: Ability to interpret security tools and logs from Windows, MAC, and Linux systems to identify potential threats.
- Exposure to Vulnerability Management: Participation in vulnerability management and cyber threat intelligence activities to identify and anticipate potential threats.
- Certification in Security Technologies: Familiarity with security technologies and certifications related to threat detection, response, and intelligence.
Preferred Technical And Professional Experience
- Familiarity with Scripting Languages: Exposure to scripting languages such as Python, PowerShell, or Bash is beneficial for automating tasks and interacting with various cybersecurity tools.
- Knowledge of Cloud Security: Understanding cloud security principles and experience working with cloud-based security solutions can be advantageous in identifying and mitigating cyber threats.
- Exposure to Threat Intelligence Platforms: Familiarity with threat intelligence platforms and feeds can aid in staying up-to-date with emerging threats and improving incident response capabilities.
