SOC Engineer
4 weeks ago
The Security Operations Center has a global footprint within IBM and is responsible for monitoring 24x7 monitoring and incident response. As a part of this team, you will be working with other likeminded security professionals in order to secure and protect IBM employees, systems and environments (IBM Cloud) against emerging cybersecurity threats.
bout the Role
This role will perform security monitoring, investigations, and response to thwart internal and external threats to the IBM environment. Additionally, you will collaborate on an ongoing basis with the Cyber Security Rapid Response Incident Response Team and other security teams to support detection, triage, incident analysis, containment, remediation and reporting of events/incidents while coordinating, balancing business priorities, emerging and actual threats and best practices to ensure the confidentiality, integrity and availability of information assets. This role may include daytime, evening or overnight and weekend shifts to meet business requirements and fufill the 24x7 mission.
Essential Duties and Responsibilities
- Drive the global security monitoring and rapid response mission across the team
- Detect, respond, mitigate, and report on cyber threats/incidents that may impact the environment
- Model effective communication and response to internal stakeholders within your investigations
- Improve runbooks, processes and response capabilities
- Resolve problems independently and understand escalation procedures
- Participate in security incidents and act as the technical Subject Matter Expert during significant security incidents
- Collaborate with technical leads: Engineering, Operations, Service Desk, Applications and BISOs on matters related to security monitoring across global footprint
- Collaborate and serve as liaison to Managed and/or Unmanaged Security Service providers
- ct as an internal information security consultant to the business and technology units, advising on risks, threats and control practices related to Rapid Response
- Conduct training and knowledge sharing sessions within the team
- Drive rule tuning and detection use cases across our SOC tools
- Provide oversight and mentoring to other team members to improve team capabilities
- Perform threat hunts that target adversary TTPs across enterprise environments
Minimum Requirements:
- 2+ years of information security related experience
- Experience with security operations, security engineering, risk management, vulnerability management, threat analysis, security auditing, incident response and other information security practices preferred
- Strong knowledge of cloud computing and network protocols
- Knowledge of industry information security standards/frameworks (NIST, MITRE, FEDRAMP)
- Experience working with SIEM tools and log analysis
- Knowledge of EDR tools and endpoint analysis
- Excellent written and oral communication skills with the ability to effectively communicate with information technology professionals as well as senior management and auditors
- High level of personal integrity, and the ability to professionally handle confidential investigations and exude the appropriate level of judgment
- High degree of initiative, accountability, and ability to work as part of a team
- High School Diploma or GED required
- Relevant IT security industry recognized certifications (CYSA+, Sec+, GSOC, BLT2, etc)
Preferred Requirements:
- 4+ years of information security experience in a security operations or engineering role
- Strong understanding of networking protocols and firewall management
- Enterprise experience in incident response or security operations environment
- Experience with programming or scripting languages
- Experience tuning rules within SIEM tools like Qradar
- Strong experience with EDR platforms, such as Crowdstrike, Microsoft Defender 365, Uptycs or Carbon Black, conducting analysis as part of investigations
- Experience with cloud computing platforms, e.g. IBM Cloud, Amazon Web Services, Azure
- Experience with host virtualization platforms, e.g. VMware, Hyper-V
- Experience with application container technologies, e.g. Kubernetes
- Purple team experience conducting attacker simulation and adversary emulation
- System administration skills for Windows and Linux
- Windows, Linux and/or Mac forensics
- Bachelor's Degree
- Relevant IT security industry recognized certifications (CASP, CISSP, GCIH, GCIA, GMON, OSCP, etc.)
-
SOC Engineer
7 days ago
Tampa, United States RIT Solutions, Inc. Full timebout the Team The Security Operations Center has a global footprint within IBM and is responsible for monitoring 24x7 monitoring and incident response. As a part of this team, you will be working with other likeminded security professionals in order to secure and protect IBM employees, systems and environments (IBM Cloud) against emerging cybersecurity...
-
Firmware Engineer
7 days ago
Tampa, United States Motive Workforce Full timeLooking for a Firmware Engineer IV with a Secret Clearance OR the ability to obtain an U.S. Government Security Clearance to lead the hardware development team in the design and development of embedded crypto projects. Given the modest size of our team, this role assumes a diverse range of responsibilities to address operational needs and challenges. This is...
-
Network Engineer
1 day ago
Tampa, United States Pitisci & Associates Full timeCloud Engineer 1- About the role:Active involvement with Fortinet deployment and administration is required.Assist with design, deploy, and maintain cloud and on prem network infrastructure plus various application environments related to network technology. VoIPUtilize circuit monitoring to ensure network performance and availability.Generate periodic...
-
Senior Network Engineer
4 weeks ago
Tampa, United States Netsync Network Solutions Full timeDetailed DescriptionDescription: Under the direction of the NOC Manager - Network, the Network Operations Center (NOC) Senior Network Engineer is responsible for creating and evolving internal IT network and ensuring reliable delivery of our clients Network Infrastructure services. The Senior Network Engineer will train and mentor all members of the IT...
