As a Security Services Specialist you will apply your cyber security knowledge and skills to defend our clients from increasingly complex and persistent cyber threats using our advanced and industry leading security tools and products, best practices, and following robust security operations processes and procedures.
Working with a team of security professionals in a 24x7x365 shift rotation, you will be involved in security events analysis and triage, device health and availability management, security and service-level reporting, and other security administration activities.
- Monitor security events and conduct investigation and analysis, identify false positives, prepare notification to clients for security incidents and participate in incident response operations, if required, using documented processes and procedures, security tools and resources.
- Work with escalation teams such as MSIEM Tier 2 / 3 and other IBM or client infrastructure teams to gain additional information for analysis and correlation of events.
- Perform steady state management of various security infrastructure and solutions such as SIEM, Firewall, UTM, IDS/IPS, WAF, eMail Security, Endpoint security, DLP, etc
- Perform assigned activities in a shift rotation (12 hours). Shifts could be in the day or night period, weekdays, weekends and holidays. Some on-call availability may also be required.
- Maintain and increase security awareness, information, training and certifications on an ongoing basis, to be seen by clients as subject matter experts and trusted advisors for the managed services being rendered and IT security in general.
- Perform assigned work following all IBM business and cybersecurity policies and guidelines, account and client processes and procedures; and contribute towards continuous improvements to the services.
- Participate and contribute towards maintaining and creating effective operations documentation, wikis, knowledgebase articles, etc. Be a team player and proactively identify and escalate to management any risks and opportunities in the managed services.
- Engage in regular cadence with client and IBM governance teams and provide value add by means of recommendations to drive efficiency and value while minimizing vulnerabilities.
Note: This role requires an individual flexible for 24x7x365 shift rotation (including 12 hour shift requirement)
Required Technical and Professional Expertise
- English Fluent (verbal and written)
- Canadian Security Level 2 Secret Cleared
- Experience in a Security Operations Role
- Experience in security event analysis and triage.
- SIEM experience, preferably on QRadar, including management, rules creation, use case deployment, reporting, correlation, and investigation.
- This role requires an individual flexible for 24x7x365 shift rotation (including 12 hour shift requirement)
Preferred Tech and Prof Experience
- Language: Bilingual (English & French)
- Network security skills (Firewall rules, UTM, WAF, VMS, EDR, Sandbox solutions, NAC, IPS/IDS, Load Balancer, etc.), preferably on the following technologies: FortiNet, Cisco, Palo Alto, Carbon Black, Proofpoint, FireEye, F5, ForeScout, BlueCoat
- Bachelor’s degree in Computer Science/Information Technology
- Sound understanding of Industry Leading security Solutions
- Industry recognized security certifications This can include security methodology (Eg. CISSP, CISA, ITIL, etc.).
- Technical certifications, product and vendor specific certifications (Eg. CCNA, CCSP, FNSE, PCNSE, BCCPA, JNCIS-FWV, etc.).
- Client facing experience supporting large scale security solutions.
- Sound understanding of networking concepts
- Experience using Linux-based systems
- Basic knowledge and understanding of Databases
IBM is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.