Security Specialist-Network Security L3

AT IBM

Mumbai, India

Introduction
Information and Data are some of the most important organizational assets in today's businesses. As a Security Consultant, you will be a key advisor for IBM's clients, analyzing business requirements to design and implement the best security solutions for their needs. You will apply your technical skills to find the balance between enabling and securing the client's organization with the cognitive solutions that are making IBM the fastest growing enterprise security business in the world.

Your Role and Responsibilities
SIEM-Sentinel Admin

How we'll help you grow:

  • You'll have access to all the technical and management training courses you need to become the expert you want to be
  • You'll learn directly from expert developers in the field; our team leads love to mentor
  • You have the opportunity to work in many different areas to figure out what really excites you

Required Technical and Professional Expertise

  • Proficient with Azure Sentinel, focusing primarily on SIEM (Security Information and Event Management) for monitoring and XDR (Extended Detection and Response) for incident response actions
  • Knowledge of Security Operations Center (SOC) operations
  • Must-have technology experience: Azure Sentinel, Azure Sentinel SOAR, Azure Playbooks, KQL queries
  • Sound knowledge of JavaScript, C#, KQL or SQL from a development background
  • Knowledge of log management and of the logs generated by the various applications and appliances of the IT infrastructure, for SIEM event correlation
  • Ability to define various SIEM use cases based on the IT environment for better detection of anomalies
  • Tools: Azure Sentinel, Log Analysis, KQL, Automation, SOAR
  • Strong understanding of SOC KPIs; ability to establish SOC performance goals and priorities
  • Manages security teams, monitors threats, implements security policies, and collaborates with other departments to ensure a comprehensive security posture
  • Understanding of cybersecurity frameworks such as NIST and MITRE ATT&CK (attack lifecycle management)
  • Manage communications and escalations, including taking corrective action for remediation
  • Excellent written and verbal communication skills
  • Knowledge of SOC automation-related skills
  • Knowledge of handling and using threat intelligence feeds for threat detection purposes
  • Critical Incident Lifecycle Management and Reporting, Operations Management, Stakeholder Management and Vendor Management
  • IT security certifications such as CISSP, CISM, etc.

Preferred Technical and Professional Expertise

  • Design, build, test, deploy Sentinel SIEM and Security Architectures
  • Experience with Security Information and Event Management (SIEM) tools - mainly Sentinel and QRadar
  • Preferred certifications: AZ-900, SC-200 / AZ-500 and any other relevant SIEM certifications (OEM-specific)
  • At least 3 years of professional experience with IT security products and services, ideally related to Sentinel SIEM
  • Understanding of the technical aspects of information security
  • Participate in interconnecting the Sentinel SIEM tool with sources of security incidents, e.g. logs from servers, network and security devices, the vulnerability management system, the antivirus system, etc.
  • Serve as a deeply skilled and knowledgeable resource within the SIEM and SOAR technology area
  • Participate in automating incident prioritization and false-positive identification
  • Perform security incident analysis and recommend remediation steps

Client-provided location(s): Mumbai, Maharashtra, India
Job ID: IBM-20823106
Employment Type: Full Time
