Job description

As a Security Delivery Specialist-SIEM Admin at IBM, you are the face of the company to the customers, tasked with ensuring their success through proactive problem monitoring, change processes, and responding to issues. The role involves SIEM administration, monitoring security events, escalating issues, and contributing to the SOC team’s effectiveness by handling incidents and maintaining the knowledge base.

Responsibility

• Monitoring security events from various SOC channels and escalate appropriately
• Deployment, audit, and troubleshooting of SIEM in customer environments
• Coordination with L2 and SOC Monitoring team for issue troubleshooting and resolution
• Troubleshooting at device and connector/agent end
• Building incident reports and reviewing SLA for Incident alerting and closure
• Update and maintain SOC knowledge base
• Deep analysis and trending of security log data
• Administration of Windows and Unix servers
• Building Parser for the SIEM using regex
• Willingness to work on 24/7 shifts to support client requirements

Qualifications

• 2 Years of Experience in SOC and min. 1 years on Qradar, Splunk SIEM Engineering
• Exposure to next generation SOC (2.0)
• Escalation point for L2 and Soc Monitor team
• Good Understanding of Firewall, IDP/IPS, SIEM functioning
• Deep understanding on Windows, DB, Mail cluster, VM and Linux commands
• Knowledge of network protocols TCP/IP and ports
• Qualifications like CISA, CISM, CISSP, CEH, SANS or any other recognized qualification in Cybersecurity (SIEM/Qradar certification)
• Thorough knowledge in SIEM tool and experience in networking
• Cloud security experience