The Cyber Security Engineer is responsible for improving the telemetry, processes and tools for the SIEM/Monitoring systems and SOC team. This role requires proven experience with security tools, security intelligence, anomaly hunting and incident response.
This role requires an analytical mindset and a deep knowledge of the current and emerging threat landscape. The ability to research a threat or vulnerability and to deliver clear and concise 'actionable intelligence' to mitigate risk is essential.
The Cyber Security Engineer will be expected to understand current network defense technology and to optimize or create new high value 'use cases' and rules to defend against the latest threats.
The ability to research threats, create reports and to clearly articulate recommendations to the clients and to senior members of the team is essential to this role.
This role will be of interest to existing Cyber Security Engineers and to experienced network security engineers, alert handlers and incident response specialists. Existing security clearance is desirable but not essential.
Your Role and Responsibilities
The Cyber Security Engineer will need to have a deep practical knowledge of network defense technologies such as Intrusion Detection System (IDS), Intrusion Prevention System (IPS), firewalls, antivirus, Directory Services and Security Information and Event Management (SIEM) configuration. The Engineer will utilize this knowledge to help make informed decisions about how to achieve the highest standards of network defense as well as researching and investigating attack trends and other malicious activity.
The Cyber Security Engineer is able to implement security 'best practice' recommendations and assess applications and networks for vulnerability, providing clear and concise reports with actionable intelligence and new use cases to detect/mitigate threats.
Client engagement, customer interaction and collaboration are important in this role. The Engineer may be required to travel and meet clients face to face and to communicate their security findings and recommendations, while gaining further insight into the client's network environment and their security needs.
Key Requirements and Skills
Understanding and application of the following security tools: Development / Configuration experience with any industry leading SIEM platform.
Knowledge of current operating environments (Microsoft, Linux, & OS X)
Knowledge of ISAM Web Seal, LDAP, IGI
Knowledge of cloud focused security
Analyze network behaviors for malicious or undesirable behavior
Optimise use cases and rules to fine-tune performance
Develop new high value use cases and rules with a low probability of false positive
Provide actionable intelligence to defend against emerging threats
Ability to take on an Alert Handler or Incident Handler role
Ability to self-manage and work unsupervised
Deep understanding of the current and evolving threat landscape
Deep understanding of network defense technologies such as IDS, IPS and Firewalls
Advanced knowledge of Security Information and Event Management (SIEM)
Advanced knowledge of core internet and application protocols
Required Technical and Professional Expertise
Working with network defense technologies including firewalls, IDS, IPS, DLP, UTM and WAF
Working with core Internet and application protocols including IP, TCP, UDP, ICMP, DNS, HTTP, SQL
Firewall log analysis and ACL configuration
IDS/IPS alert analysis and signature development
Working with SIEM technologies such as QRadar, ArcSight, Splunk, LogRhythm
Working with content filtering technologies such as web and application May
Preferred Technical and Professional Expertise
Industry recognized qualifications
Training and Experience
Ethical Hacking, Security Assessment, Penetration Testing, Cyber forensics
Alert Handler, Incident Handler
DevOps toolsets - GitHub, Jenkins, Jira, etc.
About Business Unit
IBM's Cloud and Cognitive software business is committed to bringing the power of IBM's Cloud and Watson/AI technologies to life for our clients and ecosystem partners around the world. IBM provides you with the most comprehensive and consistent approach to development, security and operations across hybrid environments, with complete software solutions for business and IT operations, development, data science, security, and management. Our experts and software capabilities help organizations develop applications once and deploy them anywhere, integrate security across the breadth of their IT estate, and automate operations with management visibility. With IBM, you also have access to new skills and methods, governance and management approaches, and a deep ecosystem of industry experts and partners.
Your Life @ IBM
Are you craving to learn more? Prepared to solve some of the world's most unique challenges? And ready to shape the future for millions of people? If so, then it's time to join us, express your individuality, unleash your curiosity and discover new possibilities.
Every IBMer, and potential ones like yourself, has a voice, carves their own path, and uses their expertise to help co-create and add to our story. Together, we have the power to make meaningful change - to alter the fabric of our clients, of society and IBM itself, to create a truly positive impact and make the world work better for everyone.
It's time to define your career.
About IBM
IBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
Location Statement
IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.
Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.