Cyber Security Engineer

Introduction At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. To lead in this new era of technology and solve some of the world's most challenging problems. Your Role and Responsibilities The Cyber Security Engineer is responsible for improving the telemetry, processes and tools for the SIEM/Monitoring systems and SOC team. This role requires proven experience with security telemetry, security intelligence, anomaly hunting and incident response. This role requires an analytical mindset and a deep knowledge of the current and emerging threat landscape. The ability to research a threat or vulnerability and to deliver clear and concise 'actionable intelligence' to mitigate against risk is essential. The Cyber Security Engineer will be expected to understand current network defense technology and to optimize or create new high value 'use cases' and rules to defend against the latest threats. The ability to research threats, create reports and to clearly articulate recommendations to senior members of the team is essential to this role. This role will be of interest to existing Cyber Security Engineers and to experienced network security engineers, alert handlers and incident response specialists. Existing security clearance is desirable but not essential. The Cyber Security Engineer will need to have a deep practical knowledge of network defense technologies such as Intrusion Detection System (IDS), Intrusion Prevention System (IPS), firewalls, antivirus, Directory Services and Security Incident and Event Management (SIEM) configuration. The Engineer will utilize this knowledge to help make informed decisions about how to achieve the highest standards of network defense as well as researching and investigating attack trends and other malicious activity. The Cyber Security Engineer is able to implement security 'best practice' recommendations and assess applications and networks for vulnerability, providing clear and concise reports with actionable intelligence and new use cases to detect/mitigate threats. The Cyber Security Engineer must possess strong analytical skill and be able to demonstrate a history of success in identifying and mitigating against network based threats and be able to clearly articulate their recommendations to senior members of the team. Client engagement, customer interaction and collaboration is important in this role. The Engineer may be required to travel and meet clients face to face and to communicate their security findings and recommendations, while gaining further insight of the client's network environment and their security needs. Required Technical and Professional Expertise Key Requirements and Skills • Understanding and application of the following security tools: Development / Configuration experience with any industry leading SIEM platform. • Knowledge in scripting languages including but not limited to Python, Pearl, JavaScript etc • Knowledge of current operating environments (Microsoft, Linux, & OS X) • Knowledge of ISAM Web Seal, LDAP, IGI • Knowledge of cloud focused security • Analyze network behaviors for malicious or undesirable behavior • Optimise use cases and rules to fine-tune performance • Develop new high value use cases and rules with a low probability of false positive • Provide actionable intelligence to defend against emerging threats • Ability to take on an Alert Handler or Incident Handers role • Ability to self-manage and work unsupervised • ISO 27001 knowledge is essential; preferably combined with implementation or initiation experience Preferred Technical and Professional Expertise • Deep understanding of network defense technologies such as IDS, IPS and Firewalls • Advance knowledge of Security Information and Event Management (SIEM) • Advanced knowledge of core internet and application protocols. • Working with network defense technologies including Firewalls IDS, IPS, DLP, UTM and WAF • With core Internet and application protocols including IP,TCP,UDP,ICMP, DNS, HTTP, SQLexperience • Firewall log analysis and ACL configuration • IDS/IPS alert analysis and signature development • Working with SIEM technologies such as Qradar, ArcSight, Splunk, Logrhythm • Working with content filtering technologies such as web and application proxies, Industry recognized qualifications • Such as CISSP, GCIH, CCFP, CCNA, GCIA • Ethical Hacking, Security Assessment, Penetration Testing, Cyber forensics • Alert Handler, Incident Handler • Devops toolsets - Github, Jenkins, Jira etc About Business Unit IBM is a leading provider of enterprise security solutions. Named by industry analysts as a leader in 12 security market segment categories, IBM Security is a multi-billion dollar business that is rapidly growing. In an industry focused on building walls, IBM Security is focused on creating an open, connected security ecosystem that leverages AI and cloud to help clients improve compliance, stop threats, and grow their business securely. Join our global team of IBM Security employees in protecting the world, and helping our clients thrive in the face of cyber uncertainty. Your Life IBM What matters to you when you're looking for your next career challenge? Maybe you want to get involved in work that really changes the world. What about somewhere with incredible and diverse career and development opportunities - where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust - where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible. Impact. Inclusion. Infinite Experiences. Do your best work ever. About IBM IBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries. Location Statement Hursley based role. Being You IBM IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.