Security Consultant SOC Analyst

About IBM Consulting

A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences.

Your Role And Responsibilities

As a Security Consultant focusing on SOC analysis, you will be responsible for:

• Monitoring and triaging security alerts from SIEM and XDR platforms, including SIEM platform and XSOAR.
• Performing initial analysis to identify true positives, false positives, and suspicious activities.
• Investigating incidents such as malware, phishing, lateral movement, and data exfiltration.
• Executing incident response actions including containment, eradication, and recovery coordination.
• Onboarding and normalizing logs from multiple sources (firewalls, endpoints, servers, cloud).
• Mapping detections and incidents to MITRE ATT&CK techniques and tactics.
• Working on XDR/XSIAM incident handling, alert enrichment, and automated response workflows.
• Integrating and operating SOAR platforms like Cortex XSOAR for playbook execution.
• Creating and maintaining automation scripts using Python, PowerShell, or APIs.
• Analyzing endpoint, network, and user activity logs for anomaly detection.
• Reducing alert fatigue by fine-tuning detection logic and improving signal-to-noise ratio.
• Generating incident reports, dashboards, and operational metrics (MTTD, MTTR).
• Collaborating with IR, network, endpoint, and application teams for remediation.
• Leveraging threat intelligence feeds and IOCs for proactive detection.
• Supporting compliance, audit requirements, and security assessments.
• Continuously improving SOC processes, detection coverage, and response capabilities.

Preferred Education

Master's Degree

Required Technical And Professional Expertise

• Hands-on experience with SIEM/XDR platforms, specifically Palo Alto Cortex XSIAM.
• Basic scripting skills (Python, PowerShell, or Bash) for automation and enrichment.
• Strong analytical thinking and problem-solving capability.

Preferred Technical And Professional Experience

• Experience in purple teaming, attack simulation, or detection validation.
• Understanding of compliance frameworks (ISO 27001, NIST, CIS).
• Experience in API integrations and advanced automation use cases.
• Ability to create dashboards, reports, and SOC metrics (MTTD, MTTR, SLA tracking).

Key skills/competency

• Security Information and Event Management (SIEM)
• Extended Detection and Response (XDR)
• Security Orchestration, Automation, and Response (SOAR)
• Incident Response
• Threat Intelligence
• MITRE ATT&CK
• Scripting (Python, PowerShell)
• Log Analysis
• Network Security
• Endpoint Security