KSA SOC L2

At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not...ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

The KSA SOC L2 role is part of the KSA SOC team. Candidates in this role will be responsible for conducting incident response operations according to documented procedures and industry best practices. Candidates in this role must have excellent communication skills. Must have extensive experience in multiple security areas such as SIEM, IDS, APT, and WAF.Candidates will be required to participate in multiple intelligence communities and be able to disseminate pertinent information throughout the SOC team. Ideal candidates should have extensive experience in Linux and Windows operating systems as well as having a deep knowledge of networking and attack methods.Must display enthusiasm and interest in Information Security.

• Strong Analytical and Problem-Solving Skills
• Knowledge of network security zones, Firewall configurations, IDS policies
• Knowledge of systems communications from Layer 1 to 7
• Experience with Systems Administration, Middleware, and Application Administration
• Experience with Network and Network Security tools administration
• Knowledge of log formats and ability to aggregate and parse log data for syslog, http logs, DB logsfor investigation purposes
• In-depth experience with log search tools such as QRadar, Splunk and PA XSIAM, usage of regular expressions and natural language queries
• In-depth knowledge of packet capture and analysis
• Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat etc.)
• Experience with EDR tool to carry out incident detection and response.
• Ability to create a containment strategy and execute