SCE / SIEM Admin
Budapest, HUNGARY IT development
Job description
Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk.
Your Role and Responsibilities
A sneak peek into this role:
In this role, you'll work in our IBM Client Innovation Center (CIC), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. These centers offer our clients locally-based skills and technical expertise to drive innovation and adoption of new technology.
Why you'll love your job:
You will be
· Leading complex automation and tuning activities
· Preparing and implementing automation and tuning solutions.
· Collaborating daily with cross-functional teams internally and with clients, mainly incident response analysts, threat hunters, architects and security consultants.
· Creating weekly (operational) and monthly (executive) engineering reports about fine-tuning and automation of detection rules and the efficiency of the SOC measured against agreed metrics.
· Being responsible for understanding contractual baselines and pushing forward to achieve them by driving the necessary meetings and development tasks.
· Acting as the primary point of contact when it comes to troubleshooting, designing, and deploying security workbooks, playbooks, data connectors and analytical rules.
Required Technical and Professional Expertise
What you will bring to the team:
· Understanding of VPN, IDP/IPS, WAF and Firewall systems
· Understanding of Cyber Kill Chain and MITRE ATT&CK frameworks
· Hands-on experience with managing Microsoft Cloud Security Suite such as Azure AD, Sentinel (SIEM), Defender (XDR) and MDE
· Good knowledge of enterprise SOC structure, SOC-as-a-service
· Good knowledge of use case and workflow management
· Capability to compose and understand advanced KQL
· Microsoft Certified SC-900 and AZ-900
Preferred Technical and Professional Expertise
Experience with the following is a bonus, but not necessary; you can learn them at IBM:
· Familiar with ticketing systems such as ServiceNow
· Familiar with Kanban boards such as Trello or in M365 Teams
· Familiar with Zscaler, Check Point, Fortinet, Cisco, CrowdStrike, Proofpoint, CyberArk systems and their logs
· Familiar with MaGMa framework, IoT Security, SIGMA rules or GitHub
· Experience in malware analysis or reverse engineering
· Microsoft Certified SC-100, SC-200, SC-300, SC-400, AZ-500
In return we provide you with:
· Dynamic, diverse, inclusive, and supporting environment
· Professional, skill-growth opportunities, reskilling possibility
· Access to worldwide leading technologies
· Agile office area
· Hybrid working model
· Competitive compensation and benefits package including healthcare
· And don't worry if you don't tick every single box in the requirements. We're always looking to hire for potential and the right mindset - so we'd still love to hear back from you.
Our awards, and why you might be a proud IBMer:
· Randstad: Most Attractive SSC Employer in 2020
· Family Friendly Workplace Award (2018, 2019, 2020)
· Responsible Employer recognition (2018-2021)
· Most Attractive Employer (3rd) (2020)
· Disability-Friendly Workplace Recognition (2010-2020)
· Disability-Friendly Workplace Best Employee & Role Model Employee Award (2021)
· Stevie Awards for our Teams & Professionals (2018, 2019, 2021)
· Hungarian Outsourcing Association CSR Award (2021)