Pular para o conteúdo
Introdução

    The Cybersecurity Threat Detection Engineer will be responsible for working with all levels of the security program from senior level management to technical rule development engineers and must be able to communicate and present ideas, solutions and evidence using charts and visual workflows

Sua Função e suas Responsabilidades

IBM CISO office is seeking an experienced Cybersecurity Threat Detection Engineer.

This position requires excellent leadership, Detection Engineering, cyber security threat intelligence experience and program management skills. This role will serve as a technical leader for the use case development and standardization effort which will drive use case prioritization and road map development across multiple platforms. The selected candidate will work with various technical teams to develop and enhance use cases and rules across multiple teams and will adapt the road map as needed to meet the vision of the IBM CISO office and the changing threats to the environment.

Job Duties:

·        The Cybersecurity Threat Detection Engineer will be responsible for working with all levels of the security program from senior level management to technical rule development engineers and must be able to communicate and present ideas, solutions and evidence using charts and visual workflows

·        They will perform business use requirement reviews and development with senior level business and application owners.

·        They will work with threat intelligence analysts and threat hunters to understand the threats environment and assist in the development of use cases.

·        They will work with monitoring, triage, and response analysts to understand their visibility requirements.

·        They will prioritize the use case road map and lead the use case development work, along with several members of the use case development team. They will track the use case development work to ensure it is performed in the agreed upon development time frames.

·        They will be highly organized and able to manage and work on multiple workstreams at the same time 

Formação requerida
Diploma do ensino médio/DEEM
Formação preferencial
Bacharelado
Experiência Profissional e Técnica Requerida

Required Knowledge, Skills and Abilities

·        Critical thinking and problem-solving skills

·        Use Case development and implementation

·        Experienced developing Use Cases in multiple query languages

·        Expert in Regular expression 

·        Strong written/verbal communication skills

·        Passion for information security and data security

·        Strong written/verbal communication skills

·        Strong interpersonal and organization skills

·        Knowledge in an industry recognized Security Response Framework

·        Proficient in rule creation and modification

·        Strong understanding of reference sets, reference tables, reference maps and how they interact with rules

·        Proficient in query language searching. 

·        Broad experience in computer and network systems, including IT security.

·        Experience in developing, deploying, and operating applications, software, and services.

·        Leadership to drive best practices across organizations.

·        Experience in collaboration and unifying business areas to ensure business needs are met.

Experiência Profissional e Técnica Preferencial
  • Proficient in Microsoft MDE/Crowdstrike Falcon/Uptycs/Cortex XSIAM rule creation and modification
  • Relevant industry recognized certifications (Sec+, Network+, CySA+, CCNA, Linux+, etc.)
  • Strong understanding of networking protocols.
  • Experience in fast-paced response.  
  • Experience with programming or scripting languages is a plus.
  • Experience with SIEM tools is a plus.
  • Experience with EDR platforms, such as Cortex XSIAM, Microsoft Defender ATP, Uptycs, and Crowdstrike Falcon.
  • Experience with cloud computing platforms, e.g. IBM Cloud, AWS, Azure.
  • System administration skills for Windows and Linux.

Sobre a Unidade de Negócios

O IBM Systems ajuda os líderes de TI a pensarem de maneira diferente sobre sua infraestrutura. Os servidores e armazenamentos da IBM não são mais inanimados. Eles podem entender, raciocinar e aprender para que nossos clientes possam inovar, evitando problemas de TI. Nossos sistemas alimentam as indústrias mais importantes do mundo e nossos clientes são os arquitetos do futuro. Junte-se a nós para ajudar a construir nosso portfólio de tecnologia de ponta, projetado para negócios cognitivos e otimizado para computação em nuvem.

SEU LIFE @ IBM

In a world where technology never stands still, we understand that, dedication to our clients success, innovation that matters, and trust and personal responsibility in all our relationships, lives in what we do as IBMers as we strive to be the catalyst that makes the world work better.

Being an IBMer means you’ll be able to learn and develop yourself and your career, you’ll be encouraged to be courageous and experiment everyday, all whilst having continuous trust and support in an environment where everyone can thrive whatever their personal or professional background.

 

Our IBMers are growth minded, always staying curious, open to feedback and learning new information and skills to constantly transform themselves and our company. They are trusted to provide on-going feedback to help other IBMers grow, as well as collaborate with colleagues keeping in mind a team focused approach to include different perspectives to drive exceptional outcomes for our customers. The courage our IBMers have to make critical decisions everyday is essential to IBM becoming the catalyst for progress, always embracing challenges with resources they have to hand, a can-do attitude and always striving for an outcome focused approach within everything that they do.

 

Are you ready to be an IBMer?

Sobre a IBM

IBM’s greatest invention is the IBMer. We believe that through the application of intelligence, reason and science, we can improve business, society and the human condition, bringing the power of an open hybrid cloud and AI strategy to life for our clients and partners around the world.

 

Restlessly reinventing since 1911, we are not only one of the largest corporate organizations in the world, we’re also one of the biggest technology and consulting employers, with many of the Fortune 50 companies relying on the IBM Cloud to run their business. 

 

At IBM, we pride ourselves on being an early adopter of artificial intelligence, quantum computing and blockchain. Now it’s time for you to join us on our journey to being a responsible technology innovator and a force for good in the world.

Outros detalhes relevantes do cargo

IBM offers a competitive and comprehensive benefits program. Eligible employees may have access to:

  • Healthcare benefits including medical & prescription drug coverage, dental, vision, and mental health & well being
  • Financial programs such as 401(k), the IBM Employee Stock Purchase Plan, financial counseling, life insurance, short & long- term disability coverage, and opportunities for performance based salary incentive programs
  • Generous paid time off including 12 holidays, minimum 56 hours sick time, 120 hours vacation, 12 weeks parental bonding leave in accordance with IBM Policy, and other Paid Care Leave programs. IBM also offers paid family leave benefits to eligible employees where required by applicable law
  • Training and educational resources on our personalized, AI-driven learning platform where IBMers can grow skills and obtain industry-recognized certifications to achieve their career goals
  • Diverse and inclusive employee resource groups, giving & volunteer opportunities, and discounts on retail products, services & experiences


We consider qualified applicants with criminal histories, consistent with applicable law.


This position was posted on the date cited in the key job details section and is anticipated to remain posted for 21 days from this date or less if not needed to fill the role.

IBM will not be providing visa sponsorship for this position now or in the future. Therefore, in order to be considered for this position, you must have the ability to work without a need for current or future visa sponsorship.

The compensation range and benefits for this position are based on a full-time schedule for a full calendar year. The salary will vary depending on your job-related skills, experience and location. Pay increment and frequency of pay will be in accordance with employment classification and applicable laws. For part time roles, your compensation and benefits will be adjusted to reflect your hours. Benefits may be pro-rated for those who start working during the calendar year.