SOC L0 Analyst

AT IBM
Wroclaw, Poland

Introduction

As a Security Analyst you will deal with cyber security, spam and phishing events as reported by SIEM, TIP, security tools, email, chat, phone calls or direct messages, with the ultimate purpose of identifying which events are cyber security incidents and reporting GDPR-related events to the DPO.

In your daily work you will review alerts, threat intelligence and security data, and identify threats that have entered the network as well as currently known security gaps and vulnerabilities. In this role, you will identify events according to documented procedures and industry best practices. You will be required to follow the incident response plan and assist Cyber Threat Response Analysts when necessary.

To be successful in this role you should demonstrate previous experience in the areas of networking, client/server technologies, and log file analysis, with the ability to identify false positive and true positive events.


You should have experience with Linux and Windows operating systems.

You should be enthusiastic and show interest in Information Security.

Your role and responsibilities

As an L0 Analyst you will deal with cyber security, spam and phishing events as reported by SIEM, TIP, security tools, email, chat, phone calls or direct messages, with the ultimate purpose of identifying which events are cyber security incidents and reporting GDPR-related events to the DPO.

In your daily work you will review alerts, threat intelligence and security data, and identify threats that have entered the network as well as currently known security gaps and vulnerabilities. In this role, you will identify events according to documented procedures and industry best practices. You will be required to follow the incident response plan and assist Cyber Threat Response Analysts when necessary.

You will be part of the SOC team that runs 24x7, on a rotating shift schedule.

• First point of contact for cyber security and GDPR-related events

• First point of analysis of threat intelligence reports

• Support investigation of cyber security and GDPR-related incidents

• Conduct event triage

• Conduct spam and phishing analysis and reaction, and provide recommendations for future similar events

• Profile and trend events in the environment to determine if an incident needs to be created

• Provide incident communication and escalation as per the security incident response guidelines

• Create and deliver GDPR-related event reports and notices

• Hunt for suspicious anomalous activity based on data alerts or data outputs from various toolsets

• Escalate IT security tools issues, when necessary

• Create and maintain a daily activity log

• Perform administrative tasks as per management request (ad-hoc presentations, trainings, etc.)

• Assist continuous improvement of processes and work with other teams to improve alerts and rules in the incident monitoring systems

Required education

High School Diploma/GED

Preferred education

High School Diploma/GED

Required technical and professional expertise

• At least one year of experience in a similar role

• Experience with analyzing network and endpoint traffic

• Exposure to network devices, Microsoft Windows systems, UNIX systems, and other security assessment tools (NMAP, Nessus, Metasploit, Netcat, etc.)

• Experience with threat intelligence report analysis

• Experience with log management and security information management tools

• Experience with SIEM, SOAR, UBA, anti-malware, spam, phishing and TIP tools

• Knowledge of log formats from various log sources

• Knowledge of data protection regulation key principles

• English language at B2 level or above

Preferred technical and professional experience

• Experience with Splunk Enterprise Security solution (would be an advantage)

• Basic programming skills: Python, C/C++/Perl and other scripting languages (would be an advantage)

• An understanding of contemporary and legacy security technologies (e.g. IDS, Firewalls, IAM, SIEM)

Any of the following certificates would be nice to have:

• CompTIA Sec+, CompTIA CySA+, CEH

• Security Essentials - SEC401 (optional GSEC certification)

• Intrusion Detection In Depth - SEC503 (optional GCIA certification)

• Hacker Guard: Security Baseline Training - SEC464

• Advanced Security Essentials - SEC501 (optional GCED certification)

• Hacker Techniques, Exploits & Incident Handling - SEC504 (optional GCIH certification)

ABOUT BUSINESS UNIT

IBM Consulting is IBM's consulting and global professional services business, with market leading capabilities in business and technology transformation. With deep expertise in many industries, we offer strategy, experience, technology, and operations services to many of the most innovative and valuable companies in the world. Our people are focused on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology responsibly used to help people, partners and the planet.

YOUR LIFE @ IBM

In a world where technology never stands still, we understand that dedication to our clients' success, innovation that matters, and trust and personal responsibility in all our relationships live in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your career, and you'll be encouraged to be courageous and experiment every day, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth-minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide ongoing feedback to help other IBMers grow, as well as to collaborate with colleagues, keeping in mind a team-focused approach that includes different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions every day is essential to IBM becoming the catalyst for progress, always embracing challenges with the resources they have to hand, a can-do attitude and an outcome-focused approach in everything that they do.

Are you ready to be an IBMer?

ABOUT IBM

IBM's greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it's time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

OTHER RELEVANT JOB DETAILS

IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.

Client-provided location(s): Wrocław, Poland
Job ID: IBM-28311
Employment Type: Other
