Security Analyst
Location: IN-Ahmedabad
Job Description

Introduction
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, let's talk.

Your Role and Responsibilities
As part of our detection engineering team in IBM Security, you will operate within a realm of constant change and be the vanguard in identifying and countering sophisticated threats. This role goes beyond the traditional boundaries of mere threat detection. It's about proactive threat hunting, in-depth analysis, and being one step ahead in the rapidly evolving cyber threat landscape. You will work with one of the world's best threat intelligence and incident response teams to understand the cyber threat adversaries and the approaches to investigate. You will build new detections for our SIEM and EDR products. Your insights and innovations will power IBM products to detect, triage, and respond to new threats to help our users stay ahead of threats.

Responsibilities:
- Collect, process, and contextualize existing detections from internal teams and 3rd-party sources
- Leverage internal and external threat intelligence to create new detections of adversary TTPs
- Continuously identify detection gaps using the MITRE ATT&CK framework
- Measure detection efficacy to continuously improve detection
- Adopt the Detection-as-Code approach in detection engineering
- Work with data scientists and software engineers to create new enrichment modules or machine learning models
- Analyze the telemetry from IBM security products to identify ways to improve their efficacy through new detection, enrichment, or response content.

Required Technical and Professional Expertise
- 5+ years of IT experience
- Experience in designing new detections for EDR and SIEM platforms with a firm understanding of endpoint, network operations and how cyber actors exploit them.
- Experience in building tests for detections including building red-team attacks
- Experience with scripting and software development.
- Experience with SIGMA, KQL, STIX, and other detection languages
- Proficiency in various programming languages such as Python, C++, Java, or Ruby.

Preferred Technical and Professional Expertise
- Experience in reverse engineering of PE files
- Active participation in the cybersecurity community
- Innovative mindset with the drive to constantly think about ways to improve and build new capabilities to enhance our ability to detect, understand and respond to threats
- Experience in enterprise application development and administration, preferably on security products
- Knowledge of security compliance standards such as HIPAA, PCI, FISMA, and GDPR

Employment Category:
Employment Type: Full time
Industry: IT Services & Consulting
Role Category: General / Other Software
Functional Area: Not Applicable
Role/Responsibilities: Security Analyst
IBM India