COMPLETE Security Specialist-SIEM

Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities
The main mission of the SOC analyst is to deal with the security incidents which are detected by the service and to lead in-depth analysis on these incidents
With a proven experience in the field of Cyber defence, you perfectly know attacks methods and security equipment functions.
You possess an Information Security and operational oriented mind-set.

Responsibilities

• Investigates deeper on the detected behaviours when an incident is escalated by the SOC level 1 analyst
• Add context to the incident to understand the behaviour, analysing data from multiple tools and data sources
• Participates to the crisis management by providing support to the incident handler and the SOC Level 3 analysts
• Create reports and visualizations of security attacks
• Tracks trends for metrics and reporting
• Works on the decrease of false positives
• Maintain the detection rules database
• The SOC level 2 analyst belongs to the analysis staff, works in 24X7 support.
• Participates to recurrent meeting with the customer as the technical referent.
• Provides recommendations or workarounds to the customer in order to reduce business impact
• Leads and participates to the continuous improvement of the service (detection level, process, operational procedures, service efficiency, service reporting)
• Supports the customer for the remediation of incidents
• Supports the SOC manager for the reporting of the activity.
• In charge of the improvement plan and development of process/procedure manuals and documentation
• Participates of the improvement plan for service efficiency and detection rules.
• Works independently to perform analyses and investigations

Required Technical and Professional Expertise

• You are a professional with at least 3 to 5 years’ experience in the field service and also with customer’s relations.
• You are comfortable with IDS – SIEM – Log Management, Vulnerability scanning technologies, Log Management, Vulnerability scanning technologies, Ticketing system
• Rigorous and respectful of process.
• Strong attention to details.
• Time management skills with the ability for multitasking
• Information Security and operational oriented mind-set
• Intrusion and Information system corruption techniques
• Knowledge of security policies for information systems
• Autonomous and self-organized
• Analysis and synthesis skills

Preferred Technical and Professional Expertise

• Certifications: CEH, SC-200, and Qradar administrator or Equivalent
• Ambitious individual who can work under their own direction towards agreed targets/goals and with creative approach to work
• Intuitive individual with an ability to manage change and proven time management
• Proven interpersonal skills while contributing to team effort by accomplishing related results as needed
• Up-to-date technical knowledge by attending educational workshops, reviewing publications
• Any entrant or Professional skill on shell scripting, AIX, Linux.