Saltar al contenido
Introducción

A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe.
You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for your clients is enabled by our strategic partner ecosystem and our robust technology platforms across the IBM portfolio, including Software and Red Hat.
Curiosity and a constant quest for knowledge serve as the foundation to success in IBM Consulting. In your role, you'll be encouraged to challenge the norm, investigate ideas outside of your role, and come up with creative solutions resulting in groundbreaking impact for a wide network of clients. Our culture of evolution and empathy centers on long-term career growth and development opportunities in an environment 

Su función y responsabilidades

Key Responsibilities

Platform Strategy & Engineering:

  • Act as the Subject Matter Expert (SME) and technical owner for the Cortex XSIAM, XSOAR, and XDR platforms.

Implement, and manage the entire Cortex ecosystem, ensuring seamless integration and data flow between XDR, XSOAR, and XSIAM.

  • Lead platform upgrades, performance tuning, and capacity planning to maintain a highly available and scalable security infrastructure.
  • Develop and enforce governance models, including user roles, access controls, and operational procedures.

Security Automation & Orchestration (XSOAR):

  • Design and deploy sophisticated automation playbooks in XSOAR to automate incident triage, investigation, and response across the enterprise.
  • Develop custom integrations using Python, REST APIs, and other methods to connect XSOAR with IT, cloud, and security systems (e.g., ITSM, Firewalls, Cloud IAM, Email Security).
  • Continuously refine and optimize automation playbooks to reduce manual tasks for the SOC, minimizing Mean Time to Respond (MTTR).
  • Create and maintain comprehensive documentation for all automations and integrations.

 

Extended Detection & Response (XDR) & Network Traffic Analysis (NTA):

·       Manage and optimize the Cortex XDR deployment for prevention, detection, and response across endpoints.

·       Configure and fine-tune the PaloAlto NTA platform to monitor network traffic, detect anomalous behavior, and identify devices.

·       Correlate endpoint data from XDR with network-level insights from NTA to build a multi-layered understanding of attacks.

·       Perform deep-dive investigations and threat hunts using the combined power of EDR and NTA telemetry.

Unified Data & Analytics (XSIAM):

  • Leverage XSIAM as the central data lake for security analytics, ensuring optimal data ingestion and normalization from XDR, XSOAR, and other sources.
  • Fine-tune high-fidelity detection rules using XQL (XSIAM Query Language) to identify advanced threats that span endpoints, network, and cloud.
  • Exploit the integrated AI/ML capabilities within XSIAM to uncover stealthy attack patterns and perform cross-correlation analysis.

Collaboration & Leadership:

  • Mentor SOC analysts and L2 engineers on effective use of the Cortex platform for investigation and response.
  • Translate threat intelligence and analyst workflows into technical requirements and platform enhancements.
  • Lead projects to enhance our security posture through the adoption of new Cortex features and capabilities.
Educación requerida
Licenciatura
Educación preferida
Maestría
Experiencia profesional y técnica requerida

Required Qualifications & Experience

  • 6+ years of hands-on experience in cybersecurity, with a focus on security engineering, SOC automation, or incident response.
  • 3+ years of proven, deep technical experience with the Palo Alto Cortex platform, specifically:
    • XSOAR: Demonstrable experience in developing and coding complex playbooks. Proficiency with the XSOAR development environment is a must.
    • XDR: Strong hands-on experience in managing the endpoint security platform, including policy configuration, agent troubleshooting, and incident analysis.
    • XSIAM: Practical experience with data ingestion, writing XQL queries, and building custom detection rules.

o   NTA: Demonstrable experience in deploying, configuring, and using a network traffic analysis tool for threat detection (Palo Alto NTA Security preferred).

 

  • Good programming/scripting skills in Python for developing custom automations and API integrations will have added advantage.
  • Better understanding of REST APIs, JSON, and data structures.
  • Knowledge of modern attack vectors, the MITRE ATT&CK framework, and the incident response lifecycle.
  • Experience with cloud security concepts and platforms (AWS, Azure, or GCP).
Experiencia técnica y profesional preferida

Preferred Qualifications

  • Atleast one mandatory certification require or more Palo Alto Networks certifications:
    • PCCSE (Cortex Certified Security Engineer)
    • PCXSA (Cortex XSOAR Certified Automation Engineer)
    • PCXSI (Cortex XSIAM Certified Administrator)
    • PCDRA (Cortex XDR Certified Administrator)
  • Experience integrating security tools with IT infrastructure (e.g., Active Directory, SIEM, Proxies, Cloud APIs).
  • Excellent communication and documentation skills, with the ability to explain complex technical concepts to a variety of audiences.

Acerca de la Unidad de Negocios

IBM Consulting es la unidad de negocio encargada de la consultoría y servicios profesionales globales de IBM, con capacidades líderes en el mercado en transformación empresarial y tecnológica. Con una gran experiencia en diversas industrias, ofreciendo servicios de estrategia, experiencia, tecnología y operaciones a muchas de las empresas más innovadoras y valiosas del mundo. IBMers en Cosnulting se enfocan en acelerar los negocios de nuestros clientes a través del poder de la colaboración. Creemos en el poder de la tecnología utilizada de manera responsable para ayudar a las personas, los socios y el planeta.

SU VIDA @ IBM

In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

 

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

 

Are you ready to be an IBMer?

Acerca de IBM

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

 

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 500 companies relying on the IBM Cloud to run their business. 

 

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, disability, neurodivergence, age, or other characteristics protected by the applicable law. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Otros detalles relevantes del empleo

When applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience. For additional information about location requirements, please discuss with the recruiter following submission of your application.