TDR

Job Description

Introduction
Software Developers at IBM are the backbone of our strategic initiatives to design, code, test, and provide industry-leading solutions that make the world run today – planes and trains take off on time, bank transactions complete in the blink of an eye and the world remains safe because of the work our software developers do. Whether you are working on projects internally or for a client, software development is critical to the success of IBM and our clients worldwide. At IBM, you will use the latest software development tools, techniques and approaches and work with leading minds in the industry to build solutions you can be proud of. Your Role and Responsibilities
IBM Technology Expert Labs Security (IBM Security Professional Services) is looking for a Threat Detection and Response solution Consultant with proven record in Security domain and experience with IBM Security products. The candidate will have the ultimate responsibility of delivering the design, deployment, configuration, tuning and knowledge transfer of IBM Security QRadar Suite of products (SIEM, SOAR, EDR, Log Insights, XDR) for Expert Labs customers. This is a customer facing role.
This is an opportunity to work with the delivery of professional services for world leading security platform of IBM QRadar Suite. Be part of a dynamic team delivering professional services to IBM customers. Great opportunity for growth and constantly interesting sets of challenges to solve. IBM Technology Expert Labs Security team thrives on working in dynamic customer facing environments, each offering compelling challenges and exciting opportunities to make a difference.
The consultant will be expected to lead all phases of QRadar Suite design, consultancy and implementation engagements.

Responsibilities:

• Experience working with QRadar Suite (SIEM, SOAR, EDR, Log Insights, XDR) System Architecture and Components
• Planning the deployment of IBM Security QRadar Suite Solutions based on best practices
• Integrating QRadar Suite with customer operations including log sources, VA scanners, cloud apps, network management and ticketing systems
• Assisting customers in building key use-cases, operational processes with QRadar Suite ecosystem
• Conducting security investigations into customer incidents using QRadar Suite
• Configuring and troubleshooting QRadar Suite to deliver optimal performance in high volume enterprise customer environments
• Tuning rules, false positive, root cause analysis
• Performing maturity assessment of QRadar Suite deployments of customer deployments
• Integrating solution with various systems for Incident enrichment
• Running process design workshop with customers
• Creating custom playbooks. Tuning existing playbooks
• Experience with React JS, Carbon Design
• Experience with Python, REST APIs

Security Practice and Delivery:

• Participate in client meetings to gather and validate market requirements
• Provide assistance with proposals, statements of work, and provide peer review for other members
• Lead clients in requirements gathering, system definition and documentation.
• Participate in project delivery to varying degrees depending on project complexity and geography needs
• Establish demonstrated client relationships in key accounts to help progress the IBM Security Services portfolio
• Achieve billable utilisation targets as assigned

Individual must have a strong interest and expertise in Security in general with preference for threat detection and response. A qualified individual would be familiar with industry blogs, key publications in the field of security and would have full awareness of any recent significant security events. Required Technical and Professional Expertise

• At Least 7 years experience required in Threat Management and Response technologies.
• At Least 7 years experience required in IBM QRadar Suite solution architecture, design and implementation
• Demonstrate experience in administration of operating systems (Linux and Windows)
• Understanding of AI-embedded capabilities in IBM Security QRadar Suite
• Broad knowledge of security technologies, processes and strategies – SIEM, Cloud, IDS, IPS, and Endpoint technologies
• Good understanding of Information Security compliance regulations, frameworks, requirements (PCI, SOX, HIPPA)
• Knowledge in understanding threat actors, their methods, patterns, and the application of techniques from detection, through to response including forensics and investigations.
• Understanding of Redhat OpenShift technology
• Deep understanding of MITRE ATT&CK Framework
• Advanced ability to take business problems and design cognitive intelligence approaches to address priority use cases
• Experience of working across diverse teams to facilitate solutions on large projects
• Understanding of Security Operations in a SOC environment
• Understanding of AWS/IBM Cloud/Azure/Google cloud environments

Preferred Technical and Professional Expertise

• Redhat OpenShift Certification
• AWS Certification
• Industry certifications like CISSP would be added advantage
• Relevant SANS Training