Introduction
In this role, you'll work in one of our IBM Consulting Client Innovation Centers (Delivery Centers), where we deliver deep technical and industry expertise to a wide range of public and private sector clients around the world. Our delivery centers offer our clients locally based skills and technical expertise to drive innovation and adoption of new technology.
A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio; including Software and Red Hat.
Want more jobs like this?
Get Software Engineering jobs in Bonifacio Global City, Philippines delivered to your inbox every week.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in ground breaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment that embraces your unique skills and experience
Your role and responsibilities
As a L3 SIEM Engineer, your responsibilities may encompass the following activities:
SIEM Implementation and Management
- Design and deploy SIEM solutions tailored to organizational and client-specific needs.
- Configure data sources, log collection mechanisms, and parsing for effective data ingestion and correlation.
- Maintain, update, and optimize SIEM rules, alerts, and dashboards to ensure high performance
Threat Detection and Response
- Develop and implement custom use cases, correlation rules, and workflows to identify and mitigate threats.
- Integrate threat intelligence platforms with SIEM systems for enhanced detection capabilities.
- Support incident response activities by providing event correlation, log analysis, and forensic insights.
System Optimization
- Continuously fine-tune SIEM performance to reduce false positives and improve detection accuracy.
- Ensure high availability, scalability, and redundancy of SIEM platforms.
- Work with vendors to troubleshoot issues, apply updates, and implement patches.
Collaboration and Reporting
- Collaborate with security analysts, SOC teams, and IT professionals to enhance threat detection capabilities.
- Generate regular reports on security trends, incidents, and compliance metrics.
- Mentor and train team members on SIEM functionalities, best practices, and new developments
Compliance and Documentation
- Ensure SIEM configurations comply with industry and regulatory standards (e.g., GDPR, ISO 27001, PCI-DSS).
- Maintain comprehensive documentation of SIEM configurations, processes, and incident handling procedures.
Weekly and Monthly Client Debrief Reporting
- Prepare and deliver comprehensive weekly and monthly SIEM debrief reports for clients, including insights on security trends, incidents, system performance, and recommendations.
- Engage with clients during debrief meetings to address questions, gather feedback, and align on security objectives.
Required education
Bachelor's Degree
Preferred education
Bachelor's Degree
Required technical and professional expertise
We are seeking a highly skilled and experienced Senior SIEM and SOAR Administrator to join our Security Operations Center (SOC) team. The ideal candidate will be responsible for the design, implementation, and ongoing administration of both SIEM and SOAR platforms to enhance threat detection, response, and automation capabilities. This role requires deep technical knowledge, and a proactive mindset to ensure the security and compliance of client environments.
Experience:
- 3-5 years of hands-on experience with SIEM platforms such as QRadar, Splunk, ArcSight, Microsoft Sentinel, or LogRhythm.
- Experience with SOAR platforms such as IBM native cloud-based SOAR solutions, Palo Alto Cortex XSOAR, Splunk SOAR, or similar.
- Strong understanding of cybersecurity principles, threat intelligence, and incident response processes.
- Familiarity with log management, data normalization, and network protocols.
- Proven ability to integrate SIEM and SOAR platforms with existing security tools and technologies, such as EDR, threat intelligence sources, and cloud-native security tools.
- Experience in automating security operations workflows and incident response processes to streamline SOC operations.
- Solid understanding of security principles, threat intelligence, and incident response processes, with hands-on experience integrating threat intelligence into both SIEM and SOAR-driven use cases.
Technical Skills:
- Expertise in creating and managing custom dashboards, rules, reports, and alerts.
- Advanced ability to ingest, parse, and normalize log data from diverse sources (e.g., firewalls, endpoints, cloud platforms, applications).
- Proficiency in scripting languages like Python or PowerShell for automation and customization.
- Hands-on experience with log collection protocols (e.g., Syslog, Windows Event Logs, API integrations).
- Knowledge of compliance frameworks and standards such as NIST, CIS, and MITRE ATT&CK.
Soft Skills:
- Strong analytical and problem-solving abilities with keen attention to detail.
- Excellent communication and collaboration skills, with the ability to interact effectively with stakeholders at all levels.
- Capable of managing multiple priorities in a fast-paced, dynamic environment.
Preferred technical and professional experience
Preferred Certifications
- Splunk Certified Admin/Architect, IBM QRadar Certified Deployment Professional, or equivalent SIEM-specific certifications.
- Splunk Certified Admin/Architect, IBM QRadar Certified Deployment Professional, or equivalent SIEM-specific certifications.
- SOAR platform certifications (e.g., Cortex XSOAR Certified, IBM Resilient Certification) are a plus.
- General security certifications such as CISSP, GSEC, or GIAC SIEM.
ABOUT BUSINESS UNIT
IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.
YOUR LIFE @ IBM
In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.
Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.
Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.
Are you ready to be an IBMer?
ABOUT IBM
IBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.
Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.
At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.
IBM is proud to be an equal-opportunity employer. All qualifiedapplicants will receive consideration for employment without regard to race,color, religion, sex, gender, gender identity or expression, sexualorientation, national origin, caste, genetics, pregnancy, disability,neurodivergence, age, veteran status, or other characteristics. IBM is alsocommitted to compliance with all fair employment practices regardingcitizenship and immigration status.
OTHER RELEVANT JOB DETAILS
For additional information about location requirements, please discuss with the recruiter following submission of your application.