Introduction
Stay up to date with the latest SIEM/SOAR technologies, industry trends, and best practices.
Your role and responsibilities
We are seeking a skilled and experienced Security Consultant focused on SIEM, Security Automation and Response (SOAR), and overall SOC technology capabilities to join our team. The ideal candidate will possess a deep understanding of SIEM/SOAR technologies and related solutions, with expertise in designing, implementing, and optimising security automation and orchestration strategies for our clients.
The SIEM/SOAR Consultant will work closely with clients to understand their security needs, architect tailored security tool plans and deployments, and ensure successful project delivery.
Responsibilities
* Client Engagement and Relationship Management: Engage with clients to understand their security requirements, pain points, and business objectives.
* Develop and maintain strong client relationships, ensuring customer satisfaction and driving repeat business.
* SIEM/SOAR Architecture and Design: Design and architect SOAR solutions based on clients' unique security needs and infrastructure.
* Suggest and evaluate different SIEM/SOAR technologies, comparing and contrasting solutions for clients.
* Create detailed technical documentation, including architecture diagrams, implementation plans, and configuration guides.
* Deployment and Configuration: Lead the deployment of SOC platforms, ensuring adherence to best practices and security standards.
* Correctly size tools to vendor specifications to meet clients' needs, including specific vendor add-ons and their optimisation to meet customer demands.
* Design the integration of SIEM/SOAR platforms with other security tools, such as firewalls, intrusion detection systems, and endpoint protection platforms.
* Assist with hands‐on coding of these tools when required.
* Playbook and Workflow Development: Develop and maintain playbooks, workflows, and automation scripts using SIEM/SOAR tools.
* Collaborate with clients to refine and enhance playbooks based on their specific use cases and requirements.
* Incident Response and Orchestration: Assist clients in developing and refining incident response strategies using SIEM/SOAR automation and orchestration capabilities.
* Support clients in managing and coordinating security incidents, leveraging SIEM/SOAR investigation and orchestration features.
* Training and Knowledge Transfer: Deliver training sessions and workshops to clients' security teams, covering tool features, best practices, and customization.
* Facilitate knowledge transfer and capacity building within client organisations.
* Project Management: Manage multiple concurrent projects, ensuring timely delivery within budget and scope.
* Collaborate with internal teams, including pre‐sales, professional services, and support, to ensure seamless project execution.
* Identify project gaps and address them as required for successful completion.
* Continuous Improvement and Innovation: Stay up to date with the latest SIEM/SOAR technologies, industry trends, and best practices.
* Contribute to the continuous improvement of our SOAR consulting services and methodologies.
Required technical and professional expertise
* Education and Certifications:
o • Bachelor's degree in Computer Science, Information Technology, or a related field.
o • Relevant SOAR certifications (e.g., IBM Resilient, Demisto (XSOAR), XSIAM or vendor‐specific certifications) highly desirable.
o • Relevant SIEM certifications (e.g., administrator or architect level) in SIEM vendor technologies.
o • Relevant Security Certification (e.g., GIAC, CISSP) highly desirable.
* Experience:
o • Minimum of 3 years' experience in SOC tools consulting, with additional experience as a user, administrator, or operator.
o • Proven track record of designing, implementing, and optimising SOAR solutions.
* Technical Skills:
o • Extensive knowledge of SIEM/SOAR technologies and platforms, such as IBM Qradar, IBM Resilient, Splunk/Phantom or Demisto (Palo Alto Cortex XSOAR).
o • Proficiency in automation tools and scripting languages (e.g. Python, PowerShell, Bash).
o • Strong understanding of security orchestration, automation, and response (SOAR) concepts and best practices.
o • Familiarity with other security solutions, such as incident response platforms, threat intelligence platforms, and Security Information and Event Management (SIEM) systems.
Preferred technical and professional experience
* Soft Skills:
o Excellent communication and presentation skills.
o Strong problem‐solving and analytical abilities.
o Effective time management and project management skills.
o Ability to work independently and collaboratively in a fast‐paced environment.
If you are a motivated and experienced SIEM/SOAR Architect‐Consultant looking to grow your career with a leading cybersecurity services provider, we encourage you to apply. Join our team and help clients enhance their security operations and incident response maturity.
IBM is committed to creating a diverse environment and is proud to be an equal‐opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.
#J-18808-Ljbffr