Lo sentimos, la oferta no está disponible,
pero puedes realizar una nueva búsqueda o explorar ofertas similares:

Latam Ap Analyst

**Job Description**:Collaborate with innovative 3Mers around the worldThis function will be responsible for processing accounts payable for Direct and Indire...


Desde 3M - Alajuela

Publicado a month ago

Sr Systems Engineer I

**Job Type**: Full-Time Overview:Hi, we're SmileDirectClub, and we're big believers that everyone should have access to a smile they love. We also believe th...


Desde Smiledirectclub - Alajuela

Publicado a month ago

Service Desk Analyst (French)

**Service Desk Analyst****Your work**:- To ensure that requests for assistance are accurately logged, assigned and responded to in a timely manner, according...


Desde Dhl - Alajuela

Publicado a month ago

Software Engineer, Enterprise Automations

Splunk is here to build a safer and more resilient digital world. The world's leading enterprises use our unified security and observability platform to keep...


Desde Splunk - Alajuela

Publicado a month ago

Cyber Threat Hunter

Cyber Threat Hunter
Empresa:

Ibm


Detalles de la oferta

Introduction At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.

Your Role and Responsibilities
Empowered. Innovative. Inspiring. Creative. Intense. These are all words we use to describe life at IBM Cloud Company.

At IBM, creating innovative IT solutions for global companies is only the beginning. Our clients need to ensure that their world-class systems not only meet business requirements, but are secure and reliable. That's where you come in.
Security Analyst - Security Operations Center
As a Cyber Threat Hunter, you will be responsible for participating in threat actor based investigations, creating new detection methodologies, and providing expert support to incident response and monitoring functions. The focus of the Threat Hunter is to detect, disrupt and the eradication of threat actors from enterprise networks. To execute this mission, the Threat Hunter will use data analysis, threat intelligence, and cutting-edge security technologies. You will also directly support the Security Operations Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response.

Responsibility

- General SIEM monitoring, analysis, content development, and maintenance.
- Research, analysis, and response for alerts; including log retrieval and documentation.
- Conduct analysis of network traffic and host activity across a wide array of technologies and platforms.
- Assist in incident response activities such as host triage and retrieval, malware analysis, remote system analysis, end-user interviews, and remediation efforts.
- Compile detailed investigation and analysis reports for internal SOC consumption and delivery to management.
- Track threat actors and associated tactics, techniques, and procedures (TTPs).
- Capture intelligence on threat actor TTPs and develop countermeasures in response to threat actors.
- Analyze network traffic, IDS/IPS/DLP events, packet capture, and FW logs.
- Analyze malicious campaigns and evaluate effectiveness of security technologies.
- Develop advanced queries and alerts to detect adversary actions.
- Coordinate threat hunting activities across the network leveraging intelligence from multiple internal and external sources, as well as cutting- edge security technologies.
- Assist in the design, evaluation, and implementation of new security technologies.
- Lead response and investigation efforts into advanced/targeted attacks.
- Hunt for and identify threat actor groups and their techniques, tools and processes.
- Provide expert analytic investigative support of large scale and complex security incidents.
- Perform Root Cause Analysis of security incidents for further enhancement of alert catalog.
- Continuously improve processes for use across multiple detection sets for more efficient Security Operations.
- Review alerts generated by detection infrastructure for false positive alerts and modify alerts as needed.
- Develop dashboards and reports to identify potential threats, suspicious/anomalous activity, malware, etc.
- Provide analysis of network packet captures, DNS, proxy, Netflow, malware, host-based security and application logs, as well as logs from various types of security sensors.

Who are the primary teams this person will work with?

Cloud SOC
Bluemix Infrastructure SOC
MSS SOC
SOS Tools
IaaS, PaaS, SaaS and Cloud Business Units contacts.
Business Unit and Bluemix Infrastructure Executives

Required Technical and Professional Expertise

- 5+ years experience of cyber security experience in IT Security, Incident Response or network security with strong knowledge working in a Security Operations Center.
- Experience with risk and vulnerability management, threat analysis, security auditing and monitoring.
- Strong analytical and investigation skills & active threat hunting and adversary tracking.
- Excellent written and oral communication skills
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity
- Convert intelligence into actionable mitigation and technical control recommendations.
- Working knowledge of security architectures, devices and threat intelligence consumption and management.
- Working knowledge of root causes of malware infections and proactive mitigation.
- Working knowledge of lateral movement, footholds, and data exfiltration techniques
- English level: Advance

Preferred Technical and Professional Expertise
Knowledge of the underlying logic that security alerts are built upon and apply them when analyzing raw logs and creating new dashboards and alerts.
Recognize complex problems, analyze situations and provide suggested/implemented resolution(s)
Experience and knowledge of packet flow, TCP/UDP traffic, firewall technologies, IDS technologies, proxy technologies, and antivirus, spam and spyware solutions.
Provide leadership and guidance to the team and act as a resource to the team members .
Experience with one or more scripting languages (e.g., Python, JavaScript, Perl)
Perform memory analysis and malware analysis
Experience with computer exploitation methodologies

About Business Unit
Digitization is accelerating the ongoing evolution of business, and clouds - public, private, and hybrid - enable companies to extend their existing infrastructure and integrate across systems. IBM Cloud provides the security, control, and visibility that our clients have come to expect. We are working to provide the right tools and environment to combine all of our client's data, no matter where it resides, to respond to changing market dynamics.

Your Life @ IBM
What matters to you when you're looking for your next career challenge?

Maybe you want to get involved in work that really changes the world? What about somewhere with incredible and diverse career and development opportunities - where you can truly discover your passion? Are you looking for a culture of openness, collaboration and trust - where everyone has a voice? What about all of these? If so, then IBM could be your next career challenge. Join us, not to do something better, but to attempt things you never thought possible.

Impact. Inclusion. Infinite Experiences. Do your best work ever.

About IBM
IBM's greatest invention is the IBMer. We believe that progress is made through progressive thinking, progressive leadership, progressive policy and progressive action. IBMers believe that the application of intelligence, reason and science can improve business, society and the human condition. Restlessly reinventing since 1911, we are the largest technology and consulting employer in the world, with more than 380,000 IBMers serving clients in 170 countries.

Location Statement
For additional information about location requirements, please discuss with the recruiter following submission of your application.

Being You @ IBM
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.


Fuente: Bebee2

Requisitos


Conocimientos:
Cyber Threat Hunter
Empresa:

Ibm


Built at: 2024-03-29T13:20:58.467Z