SOC IR Engineer L2 - Bengaluru, India - IBM

IBM
Bengaluru, India

2 weeks ago

Posted by: Deepika Kaur, beBee Recruiter


Description

Introduction
As a Service Delivery Specialist, you are the face of IBM for our customers. Your clients' success depends on your ability to understand their needs and respond to requests for new services.

This role is an integral part of both account planning and delivering support strategies, working to proactively monitor problems, change processes, and handle issues to ensure our customers' success.


Your Role and Responsibilities

The SOC Engineer (L2) works closely with the SOC team and is responsible for SIEM engineering activities such as log source integration, use case development and enhancement, rule tuning, dashboard and report development, and platform upgrades.

Support the incident response team during an incident.

  • The SOC Analyst L2 works closely with the SOC team and is responsible for incident detection, triage, analysis and response.

  • Handle L2 and above technical escalations from the L1 Operations team and resolve them within SLA.
  • Proactively lead and support the incident response team during an incident.
  • Perform and review tasks as identified in a daily task list.
  • Report generation and trend analysis. Front-end the governance meeting with the customer and walk customer stakeholders through the security status from the SOC perspective.
  • Ready to work in a 24x7 rotational shift model, including night shifts.
  • Identify and investigate security incidents.
  • Identify security gaps and drive them to closure through Change Management.
  • Monitor security logs and alerts from various devices and escalate or investigate incidents.
  • Explore different security technologies available in the market.
  • Install, build, test, and configure SIEM-related systems.
  • Maintain security dashboards.
  • Coordinate with internal customers on their security-related problems and provide solutions.
  • Create and manage SOPs, runbooks and the asset inventory with risk classification.
  • Work closely with L1 team members to provide quick support and escalation.
  • Train other analysts in their roles and responsibilities.

Required Technical and Professional Expertise

  • 2 to 3+ years of IT experience in security, with at least 2+ years in a Security Operations Centre working with SIEMs.
  • Hands-on experience with configuration and management of SIEM tools (QRadar/MS Sentinel/Splunk), including log source integration, building custom parsers, fine-tuning and optimizing correlation rules, and use case recommendations, is a MUST.
  • Good to have: hands-on experience managing SIEM solutions on public/private clouds such as Amazon AWS, Microsoft Azure, etc.
  • Proven experience with any of the Security Information and Event Management (SIEM) tools (QRadar, Splunk, McAfee ESM, etc.).
  • Data-driven threat hunting using SIEM and other threat hunting tools.
  • Experience in SOAR tools such as QRadar Resilient and Palo Alto XSOAR.
  • Identify quick defence techniques until a permanent resolution is in place.
  • Recognize successful intrusions and compromises through review and analysis of relevant event detail information.
  • Review incidents escalated by Level 1 analysts.
  • Launch and track investigations to resolution. Recognize attacks based on their signatures and differentiate false positives from true intrusion attempts.
  • Actively investigate the latest security vulnerabilities, advisories, incidents, and penetration techniques, and notify end users when appropriate.
  • Identify gaps in the security environment and suggest how to close them.
  • Drive and support Change Management.

Preferred Technical and Professional Expertise

  • Certifications: CEH, ECIH or CompTIA security analyst.
  • Ambitious individual who can work under their own direction towards agreed targets/goals, with a creative approach to work.
  • Intuitive individual with the ability to manage change and proven time management.
  • Proven interpersonal skills, contributing to the team effort by accomplishing related results as needed.
  • Up-to-date technical knowledge, maintained by attending educational workshops and reviewing publications.
  • Entry-level or professional skill in shell scripting, AIX, Linux.

About Business Unit
IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation.

With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world.

Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.


In a world where technology never stands still, we understand that dedication to our clients' success, innovation that matters, and trust and personal responsibility in all our relationships live in what we do as IBMers, as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your
