Introduction

The SOC Consultant monitors security events from the various SOC entry channels (SIEM, tickets, email and phone) and, based on the severity of each event, escalates to managed service support teams, tier 2 information security specialists and/or the customer as appropriate for further investigation and resolution.

Your role and responsibilities
  • Integration of OS/APP Devices:
    • Integrate Linux, Windows, Unix, and other OS devices into the SIEM platform.
    • Develop custom parsers and configure data sources for proper log ingestion from various operating systems.
    • Collaborate with application teams to onboard and offboard devices and data sources in the SIEM.
  • Non-Logging Device Monitoring:
    • Monitor and troubleshoot non-logging devices to ensure continuous log collection across the environment.
    • Develop and optimize automation for identifying and resolving non-logging device issues.
    • Implement and maintain scripts for automated log collection service restarts (e.g., rsyslog, NXLog) to reduce manual intervention.
    • Create monitoring spotter queries and configure alerting for devices failing to log correctly.
  • Collaboration with Application Owners:
    • Work closely with application owners to troubleshoot API, DB, and syslog-based log collection issues.
    • Ensure that log collection configurations and connectivity between the OS devices and SIEM log collectors are correctly maintained.
  • Automation & Process Optimization:
    • Develop automation playbooks for log monitoring and integration workflows using SOAR platforms.
    • Create and maintain Standard Operating Procedures (SOPs) for OS device integration and non-logging monitoring activities.
  • Continuous Improvement:
    • Proactively identify opportunities to improve the monitoring of device integrations and log collection processes.
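As an added illustration of the non-logging device monitoring and automated-restart duties listed above (example code written for this page, not IBM's or any SIEM vendor's), the script below parses a constructed SIEM "last event seen" export, applies a per-collector silence threshold, and decides whether a silent host gets an automated agent restart or a ticket to its application owner. The export format, the threshold values and the host names are assumptions.

```python
"""Detect SIEM data sources that have gone silent and plan a remediation action.

Added example, not IBM's code. Assumes a SIEM export of
'host,collector,last_event_time' rows; all sample rows below are constructed.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Source:
    host: str
    collector: str        # e.g. "rsyslog", "nxlog", "api", "db"
    last_event: datetime  # timestamp of the newest event the SIEM indexed for this host


# Assumed silence thresholds per collector type: a DB or API poller is
# legitimately quieter than a syslog agent, so it gets a longer window.
THRESHOLDS = {
    "rsyslog": timedelta(minutes=15),
    "nxlog": timedelta(minutes=15),
    "api": timedelta(hours=2),
    "db": timedelta(hours=6),
}
DEFAULT_THRESHOLD = timedelta(hours=1)

# Collectors whose agent automation may restart; API/DB collection problems
# usually need the application owner, so those are ticketed instead.
RESTARTABLE = {"rsyslog", "nxlog"}

# Constructed sample export (ISO-8601 timestamps, UTC).
SAMPLE_EXPORT = """
# host,collector,last_event
web01,rsyslog,2024-05-01T11:58:00+00:00
web02,rsyslog,2024-05-01T10:30:00+00:00
win-app03,nxlog,2024-05-01T09:00:00+00:00
crm-api,api,2024-05-01T11:00:00+00:00
hr-db,db,2024-05-01T02:00:00+00:00
"""
NOW = datetime(2024, 5, 1, 12, 0, tzinfo=timezone.utc)


def parse_export(lines):
    """Parse 'host,collector,timestamp' lines; blank lines and '#' comments are skipped."""
    sources = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        host, collector, ts = (field.strip() for field in line.split(","))
        sources.append(Source(host, collector.lower(), datetime.fromisoformat(ts)))
    return sources


def find_silent(sources, now):
    """Return {host: silence_duration} for every source past its collector's threshold."""
    silent = {}
    for src in sources:
        limit = THRESHOLDS.get(src.collector, DEFAULT_THRESHOLD)
        gap = now - src.last_event
        if gap > limit:
            silent[src.host] = gap
    return silent


def plan_actions(sources, now):
    """Map each silent host to 'restart-agent' or 'ticket-app-owner'."""
    by_host = {src.host: src for src in sources}
    return {
        host: ("restart-agent" if by_host[host].collector in RESTARTABLE
               else "ticket-app-owner")
        for host in find_silent(sources, now)
    }


if __name__ == "__main__":
    sources = parse_export(SAMPLE_EXPORT.splitlines())
    for host, action in plan_actions(sources, NOW).items():
        gap = find_silent(sources, NOW)[host]
        print(f"{host:<10} silent for {gap}  ->  {action}")
```

In a SOAR playbook the "restart-agent" outcome would map to the platform's service restart step (for example `systemctl restart rsyslog` on Linux hosts), with a retry cap so that a host that keeps going silent is escalated rather than restarted indefinitely; the "ticket-app-owner" outcome opens the ticket with the silence duration attached as evidence.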
Required education
Bachelor's degree
Preferred education
Bachelor's degree
Required technical and professional expertise
  • 3+ years of experience with SIEM platforms (e.g., Securonix, QRadar, Splunk, etc.).
  • Proven experience in integrating various OS devices (Linux, Windows, Unix) with SIEM platforms.
  • Experience in non-logging device monitoring and troubleshooting log collection failures.
  • Knowledge of log collection protocols (syslog, rsyslog, Nxlog, etc.).
  • Strong scripting skills (Python, Shell, PowerShell) for automation tasks.
  • Experience with SOAR platforms for automation of monitoring and response playbooks.
  • Familiarity with API and DB log collection techniques and troubleshooting.
  • Hands-on experience with log ingestion, data source configuration, and monitoring.
Preferred technical and professional expertise
  • Bachelor's degree relevant to Information Technology, Computer Science/Engineering (or equivalent).
  • Certification (preferred): Palo Alto XSOAR, CompTIA Security+, AZ-200, AZ-900, SIEM Fundamentals.

About the business unit

IBM Consulting is the business unit responsible for IBM's global consulting and professional services, with market-leading capabilities in business and technology transformation. Drawing on deep experience across many industries, it offers strategy, experience, technology and operations services to many of the world's most innovative and valuable companies. IBMers in Consulting focus on accelerating our clients' businesses through the power of collaboration. We believe in the power of technology used responsibly to help people, partners and the planet.

Your life @ IBM

In a world where technology never stands still, we understand that dedication to our clients' success, innovation that matters, and trust and personal responsibility in all our relationships live in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you'll be able to learn and develop yourself and your career, you'll be encouraged to be courageous and experiment every day, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

Our IBMers are growth-minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide ongoing feedback to help other IBMers grow, as well as to collaborate with colleagues keeping in mind a team-focused approach that includes different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions every day is essential to IBM becoming the catalyst for progress, always embracing challenges with the resources they have to hand, a can-do attitude and an outcome-focused approach in everything they do.

 

Are you ready to be an IBMer?

About IBM

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.


Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we're also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business.

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Other relevant job details

When applying to jobs of your interest, we recommend that you do so for those that match your experience and expertise. Our recruiters advise that you apply to not more than 3 roles in a year for the best candidate experience. For additional information about location requirements, please discuss with the recruiter following submission of your application.