XSIAM Admin at IBM

IBM · Chennai, India · Hybrid


Introduction

A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.

Your role and responsibilities

As a Security Consultant specializing in Intelligence & Operations, you play a crucial role in helping Client IT understand and address key security issues, exposures, and vulnerabilities. Your expertise in security intelligence and operations enables you to articulate effective security strategies and mitigation measures. Your primary responsibilities will include:

• Develop Security Strategies: Apply security principles, counter-threat intelligence, and knowledge of security intelligence and operations to develop and recommend effective security strategies, programs, plans, and mitigation measures.
• Enhance Security Posture: Utilize proactive threat hunting and intelligence-driven defense strategies to enhance Client IT's security posture.
• Articulate IBM's SIOC and SIEM: Clearly communicate IBM's Security Intelligence and Operations Center (SIOC) and Security Information and Event Management (SIEM) points of view, including financial implications.
• Leverage Threat Intelligence: Apply hands-on experience with tools like QRadar to analyze and mitigate various cyber threats.
• Collaborate with Clients: Work closely with Client IT to understand their security needs and deliver tailored security solutions.

Required technical and professional expertise

• Security Intelligence Knowledge: Exposure to security intelligence and operations, including security principles and counter-threat intelligence, to develop effective security strategies and mitigation measures.
• Threat Analysis Experience: Hands-on experience with tools like QRadar to analyze and mitigate various cyber threats.
• Security Strategy Development: Experience working with security strategies, programs, plans, and mitigation measures to address key security issues and vulnerabilities.
• Security Posture Enhancement: Exposure to proactive threat hunting and intelligence-driven defense strategies to enhance security posture.
• Security Solution Delivery: Experience working with clients to understand their security needs and deliver tailored security solutions.

XSIAM administration responsibilities:

• Managing the XSIAM platform lifecycle
• Ensuring data ingestion, normalization, and availability
• Supporting SOC teams with a stable, optimized, and scalable environment
• Maintaining integrations, automation, and system health

• Configure and maintain:
  - XSIAM tenant settings
  - User roles & RBAC (Role-Based Access Control)
  - Data retention policies
• Manage:
  - Multi-tenant setups (if applicable)
  - Data privacy and access controls

• Onboard and integrate log sources:
  - Firewalls (Palo Alto NGFW)
  - Endpoints (Cortex XDR Agents)
  - Cloud platforms (AWS, Azure, GCP)
  - Identity providers (Azure AD)
• Ensure:
  - Proper log parsing & normalization
  - Schema mapping (XSIAM data models)
• Troubleshoot:
  - Missing logs
  - Parsing errors
  - Data delays or ingestion failures

• Monitor and optimize:
  - Data ingestion pipelines
  - Storage utilization
  - Query performance
• Tune data to:
  - Reduce noise
  - Improve signal-to-noise ratio
• Manage:
  - Hot/cold storage tiers (if applicable)

• Deploy and maintain:
  - Detection rules
  - Correlation policies
• Assist SOC / Detection Engineers in:
  - Testing detection logic
  - Troubleshooting rule performance
• Reduce:
  - False positives / false negatives

• Configure and maintain:
  - Cortex XSIAM playbooks (SOAR capabilities)
• Integrate:
  - APIs with third-party tools (ticketing, EDR, IAM)
• Ensure:
  - Playbooks execute reliably
  - Automation reduces manual effort

• Create and manage:
  - User accounts
  - Roles and permissions
• Enforce:
  - Least privilege access
  - Secure authentication (SSO, MFA)

• Continuously monitor:
  - Platform performance
  - Integration status
  - Agent health (XDR agents)
• Identify and resolve:
  - Connectivity issues
  - System errors
• Perform:
  - Routine health checks and audits

Preferred technical and professional experience

• Hands-on QRadar Experience: Exposure to utilizing QRadar for analyzing and mitigating various cyber threats, enhancing security posture through proactive threat hunting and intelligence-driven defense strategies.
• Cyber Threat Knowledge: Familiarity with various cyber threats, including understanding of security intelligence and operations to develop effective security strategies and mitigation measures.
• Financial Implication Understanding: Exposure to articulating financial implications of security strategies, programs, plans, and mitigation measures, including IBM's SIOC and SIEM points of view.

IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.