Passer au contenu
Introduction

The Blue Squad Leader provides cross-disciplinary and cross-platform leadership of TDR operations to achieve the client's security objectives and optimal technical outcomes. The Blue Squad Leader serves as a highly specialized extension of the client's security apparatus to optimize the full spectrum of TDR capabilities: threat insight, prevention, detection, response, and recovery.

Votre rôle et vos responsabilités
  • Establish and maintain an intimate situational awareness of the client's security organization, objectives, decision-making, posture, and threat landscape to guide TDR operations.
  • Provide internal, technical leadership of TDR operations to optimize the overall service and SIEM/EDR environments, ensure the implementation of best practices and client feedback, and drive the resolution of risks and issues.
  • Analyze TDR operational metrics and KPIs for risks, issues, and opportunities to recommend actions to advance the overall service and the client's security posture.
  • Lead weekly reviews with the client to maintain operational alignment, facilitate service delivery, and close feedback loops.
  • Analyze and brief TDR operational metrics and KPIs included in periodic reviews owned by the SSAM.
  • Internally align TDR operations with the client's security program maturity roadmap established in collaboration with SIOC.
  • Capture TDR operational training gaps, platform requirements, and solution and support requirements exceptional to the contracted service, communicate to the appropriate IBM owners, and champion resolution.
  • Participate in the evaluation and implementation of custom reporting requirements to tailor TDR operational reviews and the client's visibility to their security program objectives.
  • Enhance TDR operational support to high severity Security Incidents by facilitating internal, operational communications and conducting post-recovery reviews to identify TDR lessons learned. Develop and track action plans to address TDR lessons learned.
  • Review X-Force Red penetration test reports to identify IBM lessons learned. Develop and track action plans to address TDR lessons learned.
Formation requise
Licence
Formation préférée
Licence
Expertise professionnelle et technique requise

 

  • Technical leadership of personnel in the Cybersecurity field – 3 Years

  • Direct experience working in a client-facing role interacting at multiple levels from security engineers and analysts to Managers, Directors and VPs – 3 Years

  • Network/system traffic/event analysis – 5 Years

  • Threat analysis experience – 5 Years

  • Experience with SIEM platforms – 5 Years

  • Active CompTIA Security+ or equivalent certification

 

 

Education

  • Required: B.S. in Computer Science, Information Security, or related field

 

Expertise professionnelle et technique préférée

  • Experience delivering IBM Managed Security Services

  • Experience in multiple technical roles within a SOC (Threat Monitoring Analyst, SIEM Administrator, Security Correlation Engineer, Escalation Engineer, Threat Intelligence Analyst, etc.)

  • Experience with tools such as SOAR (Resilient), Vulnerability Management (Qualys), AV/End Point (Trend Micro, McAfee ePO)

  • Experience with firewalls and intrusion prevention/detection systems, including the ability to demonstrate a mature understanding of networking best practices

  • Experience with security compliance related to FISMA, NIST, and related security and risk management regulations

  • Experience with Linux and Windows operating systems

  • Active CompTIA CySA+, GIAC Certified Intrusion Analyst (GCIA) or equivalent certification

Education

  • Preferred: M.A/M.S. in Computer Science, Information Security, or related field

 

 

À propos de la Business Unit

IBM Consulting est l'activité de conseil et de services professionnels mondiaux d'IBM, avec des capacités de pointe dans la transformation des entreprises et des technologies. Avec une expertise approfondie dans de nombreux secteurs, nous offrons des services de stratégie, d'expérience, de technologie et d'exploitation à un grand nombre des entreprises les plus innovantes et les plus précieuses du monde. Nos collaborateurs se concentrent sur l'accélération des activités de nos clients grâce au pouvoir de la collaboration. Nous croyons au pouvoir de la technologie utilisée de manière responsable pour aider les gens, les partenaires et la planète.

VOTRE VIE CHEZ IBM

In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

 

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

 

Are you ready to be an IBMer?

À propos d'IBM

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

 

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. 

 

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

IBM is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.

Autres détails pertinents sur le poste

IBM wants you to bring your whole self to work and for you this might mean the ability to work flexibly. If you are interested in a flexible working pattern, please talk to our recruitment team to find out if this is possible in the current working environment.